Vulnerabilites related to Red Hat - Red Hat OpenShift Container Platform 4
cve-2024-50311
Vulnerability from cvelistv5
Published
2024-10-22 13:24
Modified
2025-02-25 08:07
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in one query. This issue causes excessive resource consumption, leading to application unavailability for legitimate users.
References
https://access.redhat.com/errata/RHSA-2024:6122vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-50311vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2319379issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202502110632.p0.g24ccf7a.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-50311",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-22T15:43:27.683347Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-22T15:43:43.098Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.18::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console-rhel9",
               product: "Red Hat OpenShift Container Platform 4.18",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.18.0-202502110632.p0.g24ccf7a.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Maksymilian Kubiak (AFINE), Paweł Zdunek (AFINE), and Sławomir Zakrzewski (AFINE) for reporting this issue.",
            },
         ],
         datePublic: "2024-10-17T13:16:49.327Z",
         descriptions: [
            {
               lang: "en",
               value: "A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in one query. This issue causes excessive resource consumption, leading to application unavailability for legitimate users.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-770",
                     description: "Allocation of Resources Without Limits or Throttling",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-02-25T08:07:58.124Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:6122",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6122",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-50311",
            },
            {
               name: "RHBZ#2319379",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2319379",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-10-17T12:33:51.373000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-10-17T13:16:49.327000+00:00",
               value: "Made public.",
            },
         ],
         title: "Graphql: denial of service (dos) vulnerability via graphql batching",
         x_redhatCweChain: "CWE-770: Allocation of Resources Without Limits or Throttling",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-50311",
      datePublished: "2024-10-22T13:24:04.199Z",
      dateReserved: "2024-10-22T07:15:25.163Z",
      dateUpdated: "2025-02-25T08:07:58.124Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-0685
Vulnerability from cvelistv5
Published
2025-03-03 17:14
Modified
2025-03-04 16:13
Severity ?
6.4 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_jfs_lookup_symlink() function will write past the internal buffer length during grub_jfs_read_file(). This issue can be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, by-passing secure boot protections.
References
https://access.redhat.com/security/cve/CVE-2025-0685vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2346120issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.12
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-0685",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-04T16:13:24.859221Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-04T16:13:48.628Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.gnu.org/software/grub/",
               defaultStatus: "unaffected",
               packageName: "grub2",
               versions: [
                  {
                     lessThanOrEqual: "2.12",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_jfs_lookup_symlink() function will write past the internal buffer length during grub_jfs_read_file(). This issue can be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, by-passing secure boot protections.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-03T17:14:23.575Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-0685",
            },
            {
               name: "RHBZ#2346120",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346120",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-17T15:26:31.971000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: jfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-787: Out-of-bounds Write",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-0685",
      datePublished: "2025-03-03T17:14:23.575Z",
      dateReserved: "2025-01-23T19:09:21.691Z",
      dateUpdated: "2025-03-04T16:13:48.628Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-1394
Vulnerability from cvelistv5
Published
2024-03-21 12:16
Modified
2025-03-25 17:00
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them.
References
https://access.redhat.com/errata/RHSA-2024:1462vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1468vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1472vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1501vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1502vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1561vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1563vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1566vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1567vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1574vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1640vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1644vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1646vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1763vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1897vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2562vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2568vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2569vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2729vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2730vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2767vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3265vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3352vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4146vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4371vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4378vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4379vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4502vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4581vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4591vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4672vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4699vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4761vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4762vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4960vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5258vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5634vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7262vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-1394vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2262921issue-tracking, x_refsource_REDHAT
https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136
https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6
https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f
https://pkg.go.dev/vuln/GO-2024-2660
https://vuln.go.dev/ID/GO-2024-2660.json
Impacted products
Vendor Product Version
Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 8 Unaffected: 0:1.4.5-1.el8ap   < *
    cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
    cpe:/a:redhat:ansible_automation_platform:2.4::el9
    cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
    cpe:/a:redhat:ansible_automation_platform:2.4::el8
    cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 9 Unaffected: 0:1.4.5-1.el9ap   < *
    cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
    cpe:/a:redhat:ansible_automation_platform:2.4::el9
    cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
    cpe:/a:redhat:ansible_automation_platform:2.4::el8
    cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
 Create a notification for this product.
   Red Hat Red Hat Developer Tools Unaffected: 0:1.19.13-6.el7_9   < *
    cpe:/a:redhat:devtools:2023::el7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8090020240313170136.26eb71ac   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:5.1.1-2.el8_9   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:9.2.10-8.el8_9   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:9.2.10-16.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240808093819.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:101-2.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.12-2.el9_3   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:9.2.10-8.el9_3   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:5.1.1-2.el9_3   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.21.9-2.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:9.2.10-16.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:5.1.1-2.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.33.7-3.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:4.9.4-5.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 6:0.7.3-4.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.14.3-3.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:1.4.0-4.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:1.1.12-3.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 2:4.2.0-4.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 1:1.0.1-6.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.19.13-7.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 2:4.4.1-20.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 1:1.23.4-5.2.rhaos4.12.el9   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 0:0.16.0-2.2.rhaos4.12.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 1:1.4.0-1.1.rhaos4.12.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 0:1.25.5-13.1.rhaos4.12.git76343da.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 0:1.25.0-2.2.el9   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 0:2.14.0-7.1.rhaos4.12.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 3:4.2.0-7.2.rhaos4.12.el9   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 3:1.1.6-5.2.rhaos4.12.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 2:1.9.4-3.2.rhaos4.12.el9   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 1:1.29.1-2.2.rhaos4.13.el9   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 1:1.4.0-1.1.rhaos4.13.el8   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 0:1.26.5-11.1.rhaos4.13.git919cc6e.el8   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 0:1.26.0-4.2.el9   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 0:2.15.0-7.1.rhaos4.13.el9   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 0:4.13.0-202404020737.p0.gd192e90.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 3:4.4.1-5.2.rhaos4.13.el8   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 4:1.1.12-1.1.rhaos4.13.el9   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 2:1.11.2-2.2.rhaos4.13.el9   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:0.19.0-1.3.rhaos4.14.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 1:1.4.0-1.2.rhaos4.14.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:1.27.4-6.1.rhaos4.14.gitd09e4c0.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:1.27.0-3.1.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:2.16.2-2.1.rhaos4.14.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:4.14.0-202403261640.p0.gf7b14a9.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:4.14.0-202403251040.p0.g607e2dd.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 3:4.4.1-11.3.rhaos4.14.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 2:1.11.2-10.3.rhaos4.14.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 1:1.29.1-10.4.rhaos4.14.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:0.19.0-1.4.rhaos4.14.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 3:2.1.7-3.4.rhaos4.14.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 1:1.4.0-1.3.rhaos4.14.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:1.27.4-7.2.rhaos4.14.git082c52f.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:1.27.0-3.2.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:2.16.2-2.2.rhaos4.14.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:4.14.0-202404160939.p0.g7bee54d.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:4.14.0-202404151639.p0.gd2acdd5.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:4.14.0-202404151639.p0.g81558cc.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:4.14.0-202404151639.p0.gf7b14a9.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:4.14.0-202404151639.p0.g8926a29.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:4.14.0-202404151639.p0.g607e2dd.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 3:4.4.1-11.4.rhaos4.14.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 4:1.1.12-1.2.rhaos4.14.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 2:1.11.2-10.4.rhaos4.14.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:4.14.19-202403280926.p0.gc1f8861.assembly.4.14.19.el9   < *
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202407300859-0   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 1:1.29.1-20.3.rhaos4.15.el9   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:0.20.0-1.1.rhaos4.15.el8   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 1:1.4.0-1.2.rhaos4.15.el8   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:1.28.4-8.rhaos4.15.git24f50b9.el8   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:1.28.0-3.1.el8   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:2.16.2-2.1.rhaos4.15.el9   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:4.15.0-202403211549.p0.g2e3cca1.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 3:4.4.1-21.1.rhaos4.15.el8   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 4:1.1.12-1.1.rhaos4.15.el9   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 2:1.11.2-21.2.rhaos4.15.el8   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202407191425-0   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2 Unaffected: 0:3.3.23-16.el8ost   < *
    cpe:/a:redhat:openstack:16.2::el8
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1 for RHEL 8 Unaffected: 0:0.2.1-3.el8ost   < *
    cpe:/a:redhat:openstack:17.1::el8
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1 for RHEL 9 Unaffected: 0:3.4.26-8.el9ost   < *
    cpe:/a:redhat:openstack:17.1::el9
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1 for RHEL 9 Unaffected: 0:0.2.1-3.el9ost   < *
    cpe:/a:redhat:openstack:17.1::el9
 Create a notification for this product.
   Red Hat RHODF-4.16-RHEL-9 Unaffected: v4.16.0-137   < *
    cpe:/a:redhat:openshift_data_foundation:4.16::el9
 Create a notification for this product.
   Red Hat RHODF-4.16-RHEL-9 Unaffected: v4.16.0-38   < *
    cpe:/a:redhat:openshift_data_foundation:4.16::el9
 Create a notification for this product.
   Red Hat NBDE Tang Server     cpe:/a:redhat:network_bound_disk_encryption_tang:1
 Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
 Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
 Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 1.2     cpe:/a:redhat:ansible_automation_platform
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 1.2     cpe:/a:redhat:ansible_automation_platform
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
 Create a notification for this product.
   Red Hat Red Hat Certification for Red Hat Enterprise Linux 8     cpe:/a:redhat:certifications:1::el8
 Create a notification for this product.
   Red Hat Red Hat Certification for Red Hat Enterprise Linux 9     cpe:/a:redhat:certifications:1::el9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat Openshift Container Storage 4     cpe:/a:redhat:openshift_container_storage:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3:
 Create a notification for this product.
   Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
 Create a notification for this product.
   Red Hat Red Hat OpenShift on AWS     cpe:/a:redhat:openshift_service_on_aws:1
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.1     cpe:/a:redhat:openstack:16.1
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.1     cpe:/a:redhat:openstack:16.1
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.1     cpe:/a:redhat:openstack:16.1
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
 Create a notification for this product.
   Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
 Create a notification for this product.
   Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
 Create a notification for this product.
   Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
 Create a notification for this product.
   Red Hat Red Hat Software Collections     cpe:/a:redhat:rhel_software_collections:3
 Create a notification for this product.
   Red Hat Red Hat Storage 3     cpe:/a:redhat:storage:3
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-1394",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-03-21T18:21:05.099385Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-05T13:50:55.732Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T18:40:20.583Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:1462",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1462",
               },
               {
                  name: "RHSA-2024:1468",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1468",
               },
               {
                  name: "RHSA-2024:1472",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1472",
               },
               {
                  name: "RHSA-2024:1501",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1501",
               },
               {
                  name: "RHSA-2024:1502",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1502",
               },
               {
                  name: "RHSA-2024:1561",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1561",
               },
               {
                  name: "RHSA-2024:1563",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1563",
               },
               {
                  name: "RHSA-2024:1566",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1566",
               },
               {
                  name: "RHSA-2024:1567",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1567",
               },
               {
                  name: "RHSA-2024:1574",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1574",
               },
               {
                  name: "RHSA-2024:1640",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1640",
               },
               {
                  name: "RHSA-2024:1644",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1644",
               },
               {
                  name: "RHSA-2024:1646",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1646",
               },
               {
                  name: "RHSA-2024:1763",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1763",
               },
               {
                  name: "RHSA-2024:1897",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1897",
               },
               {
                  name: "RHSA-2024:2562",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2562",
               },
               {
                  name: "RHSA-2024:2568",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2568",
               },
               {
                  name: "RHSA-2024:2569",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2569",
               },
               {
                  name: "RHSA-2024:2729",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2729",
               },
               {
                  name: "RHSA-2024:2730",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2730",
               },
               {
                  name: "RHSA-2024:2767",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2767",
               },
               {
                  name: "RHSA-2024:3265",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:3265",
               },
               {
                  name: "RHSA-2024:3352",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:3352",
               },
               {
                  name: "RHSA-2024:4146",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4146",
               },
               {
                  name: "RHSA-2024:4371",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4371",
               },
               {
                  name: "RHSA-2024:4378",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4378",
               },
               {
                  name: "RHSA-2024:4379",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4379",
               },
               {
                  name: "RHSA-2024:4502",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4502",
               },
               {
                  name: "RHSA-2024:4581",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4581",
               },
               {
                  name: "RHSA-2024:4591",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4591",
               },
               {
                  name: "RHSA-2024:4672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4672",
               },
               {
                  name: "RHSA-2024:4699",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4699",
               },
               {
                  name: "RHSA-2024:4761",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4761",
               },
               {
                  name: "RHSA-2024:4762",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4762",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-1394",
               },
               {
                  name: "RHBZ#2262921",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262921",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://pkg.go.dev/vuln/GO-2024-2660",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://vuln.go.dev/ID/GO-2024-2660.json",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
                  "cpe:/a:redhat:ansible_automation_platform:2.4::el9",
                  "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
                  "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
                  "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
                  "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "receptor",
               product: "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.4.5-1.el8ap",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
                  "cpe:/a:redhat:ansible_automation_platform:2.4::el9",
                  "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
                  "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
                  "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
                  "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "receptor",
               product: "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.4.5-1.el9ap",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:devtools:2023::el7",
               ],
               defaultStatus: "affected",
               packageName: "go-toolset-1.19-golang",
               product: "Red Hat Developer Tools",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.19.13-6.el7_9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "go-toolset:rhel8",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8090020240313170136.26eb71ac",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "grafana-pcp",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:5.1.1-2.el8_9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "grafana",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:9.2.10-8.el8_9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "grafana",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:9.2.10-16.el8_10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8100020240808093819.afee755d",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "osbuild-composer",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:101-2.el8_10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "golang",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.20.12-2.el9_3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "grafana",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:9.2.10-8.el9_3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "grafana-pcp",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:5.1.1-2.el9_3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "golang",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.21.9-2.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "grafana",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:9.2.10-16.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "grafana-pcp",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:5.1.1-2.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.33.7-3.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:4.9.4-5.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "gvisor-tap-vsock",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "6:0.7.3-4.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.14.3-3.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "containernetworking-plugins",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.4.0-4.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "runc",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:1.1.12-3.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_e4s:9.0::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:4.2.0-4.el9_0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_e4s:9.0::appstream",
               ],
               defaultStatus: "affected",
               packageName: "containernetworking-plugins",
               product: "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.0.1-6.el9_0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
               ],
               defaultStatus: "affected",
               packageName: "golang",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.19.13-7.el9_2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:4.4.1-20.el9_2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.23.4-5.2.rhaos4.12.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "butane",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:0.16.0-2.2.rhaos4.12.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "containernetworking-plugins",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.4.0-1.1.rhaos4.12.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.25.5-13.1.rhaos4.12.git76343da.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-tools",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.25.0-2.2.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "ignition",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:2.14.0-7.1.rhaos4.12.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-clients",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.2.0-7.2.rhaos4.12.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "runc",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:1.1.6-5.2.rhaos4.12.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.9.4-3.2.rhaos4.12.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.29.1-2.2.rhaos4.13.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "containernetworking-plugins",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.4.0-1.1.rhaos4.13.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.26.5-11.1.rhaos4.13.git919cc6e.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-tools",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.26.0-4.2.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "ignition",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:2.15.0-7.1.rhaos4.13.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-clients",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.13.0-202404020737.p0.gd192e90.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-5.2.rhaos4.13.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "runc",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:1.1.12-1.1.rhaos4.13.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.11.2-2.2.rhaos4.13.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "butane",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:0.19.0-1.3.rhaos4.14.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "containernetworking-plugins",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.4.0-1.2.rhaos4.14.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.27.4-6.1.rhaos4.14.gitd09e4c0.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-tools",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.27.0-3.1.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "ignition",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:2.16.2-2.1.rhaos4.14.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-clients",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.14.0-202403261640.p0.gf7b14a9.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "ose-aws-ecr-image-credential-provider",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.14.0-202403251040.p0.g607e2dd.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-11.3.rhaos4.14.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.11.2-10.3.rhaos4.14.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.29.1-10.4.rhaos4.14.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "butane",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:0.19.0-1.4.rhaos4.14.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "conmon",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:2.1.7-3.4.rhaos4.14.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "containernetworking-plugins",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.4.0-1.3.rhaos4.14.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.27.4-7.2.rhaos4.14.git082c52f.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-tools",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.27.0-3.2.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "ignition",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:2.16.2-2.2.rhaos4.14.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.14.0-202404160939.p0.g7bee54d.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4-aws-iso",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.14.0-202404151639.p0.gd2acdd5.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-ansible",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.14.0-202404151639.p0.g81558cc.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-clients",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.14.0-202404151639.p0.gf7b14a9.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-kuryr",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.14.0-202404151639.p0.g8926a29.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "ose-aws-ecr-image-credential-provider",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.14.0-202404151639.p0.g607e2dd.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-11.4.rhaos4.14.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "runc",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:1.1.12-1.2.rhaos4.14.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.11.2-10.4.rhaos4.14.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "microshift",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.14.19-202403280926.p0.gc1f8861.assembly.4.14.19.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "414.92.202407300859-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.29.1-20.3.rhaos4.15.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "butane",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:0.20.0-1.1.rhaos4.15.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "containernetworking-plugins",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.4.0-1.2.rhaos4.15.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.28.4-8.rhaos4.15.git24f50b9.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-tools",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.28.0-3.1.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "ignition",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:2.16.2-2.1.rhaos4.15.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-clients",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "ose-aws-ecr-image-credential-provider",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.15.0-202403211549.p0.g2e3cca1.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-21.1.rhaos4.15.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "runc",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:1.1.12-1.1.rhaos4.15.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.11.2-21.2.rhaos4.15.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "microshift",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "415.92.202407191425-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.2::el8",
               ],
               defaultStatus: "affected",
               packageName: "etcd",
               product: "Red Hat OpenStack Platform 16.2",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.3.23-16.el8ost",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:17.1::el8",
               ],
               defaultStatus: "affected",
               packageName: "collectd-sensubility",
               product: "Red Hat OpenStack Platform 17.1 for RHEL 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:0.2.1-3.el8ost",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:17.1::el9",
               ],
               defaultStatus: "affected",
               packageName: "etcd",
               product: "Red Hat OpenStack Platform 17.1 for RHEL 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.4.26-8.el9ost",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:17.1::el9",
               ],
               defaultStatus: "affected",
               packageName: "collectd-sensubility",
               product: "Red Hat OpenStack Platform 17.1 for RHEL 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:0.2.1-3.el9ost",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift_data_foundation:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "odf4/mcg-operator-bundle",
               product: "RHODF-4.16-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-137",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift_data_foundation:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "odf4/mcg-rhel9-operator",
               product: "RHODF-4.16-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-38",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:network_bound_disk_encryption_tang:1",
               ],
               defaultStatus: "affected",
               packageName: "tang-operator-bundle-container",
               product: "NBDE Tang Server",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ocp_tools",
               ],
               defaultStatus: "affected",
               packageName: "helm",
               product: "OpenShift Developer Tools and Services",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ocp_tools",
               ],
               defaultStatus: "affected",
               packageName: "odo",
               product: "OpenShift Developer Tools and Services",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_pipelines:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-pipelines-client",
               product: "OpenShift Pipelines",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:serverless:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-serverless-clients",
               product: "OpenShift Serverless",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform",
               ],
               defaultStatus: "affected",
               packageName: "helm",
               product: "Red Hat Ansible Automation Platform 1.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform",
               ],
               defaultStatus: "affected",
               packageName: "openshift-clients",
               product: "Red Hat Ansible Automation Platform 1.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform:2",
               ],
               defaultStatus: "affected",
               packageName: "openshift-clients",
               product: "Red Hat Ansible Automation Platform 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:certifications:1::el8",
               ],
               defaultStatus: "affected",
               packageName: "redhat-certification-preflight",
               product: "Red Hat Certification for Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:certifications:1::el9",
               ],
               defaultStatus: "affected",
               packageName: "redhat-certification-preflight",
               product: "Red Hat Certification for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "containernetworking-plugins",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "host-metering",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "rhc-worker-script",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "skopeo",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:4.0/buildah",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:4.0/conmon",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:4.0/containernetworking-plugins",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:4.0/podman",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:4.0/runc",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:4.0/skopeo",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:4.0/toolbox",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "git-lfs",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "rhc",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "weldr-client",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "butane",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "conmon",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "git-lfs",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "ignition",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "osbuild-composer",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "toolbox",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "weldr-client",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "conmon-rs",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "golang-github-prometheus-promu",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "lifecycle-agent-operator-bundle-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unknown",
               packageName: "openshift4/bare-metal-event-relay-operator-bundle",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift4/numaresources-operator-bundle",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift4/ose-cluster-machine-approver-rhel9",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_container_storage:4",
               ],
               defaultStatus: "unknown",
               packageName: "mcg",
               product: "Red Hat Openshift Container Storage 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_devspaces:3:",
               ],
               defaultStatus: "affected",
               packageName: "devspaces/machineexec-rhel8",
               product: "Red Hat OpenShift Dev Spaces",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_gitops:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-gitops-1/gitops-operator-bundle",
               product: "Red Hat OpenShift GitOps",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_service_on_aws:1",
               ],
               defaultStatus: "affected",
               packageName: "rosa",
               product: "Red Hat OpenShift on AWS",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "unaffected",
               packageName: "kubevirt",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.1",
               ],
               defaultStatus: "unknown",
               packageName: "etcd",
               product: "Red Hat OpenStack Platform 16.1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.1",
               ],
               defaultStatus: "affected",
               packageName: "golang-qpid-apache",
               product: "Red Hat OpenStack Platform 16.1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.1",
               ],
               defaultStatus: "unaffected",
               packageName: "qpid-proton",
               product: "Red Hat OpenStack Platform 16.1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.2",
               ],
               defaultStatus: "affected",
               packageName: "golang-github-infrawatch-apputils",
               product: "Red Hat OpenStack Platform 16.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.2",
               ],
               defaultStatus: "affected",
               packageName: "golang-qpid-apache",
               product: "Red Hat OpenStack Platform 16.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.2",
               ],
               defaultStatus: "unaffected",
               packageName: "qpid-proton",
               product: "Red Hat OpenStack Platform 16.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:17.1",
               ],
               defaultStatus: "affected",
               packageName: "golang-github-infrawatch-apputils",
               product: "Red Hat OpenStack Platform 17.1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:17.1",
               ],
               defaultStatus: "affected",
               packageName: "golang-qpid-apache",
               product: "Red Hat OpenStack Platform 17.1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:17.1",
               ],
               defaultStatus: "unaffected",
               packageName: "qpid-proton",
               product: "Red Hat OpenStack Platform 17.1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:18.0",
               ],
               defaultStatus: "affected",
               packageName: "etcd",
               product: "Red Hat OpenStack Platform 18.0",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:service_interconnect:1",
               ],
               defaultStatus: "affected",
               packageName: "qpid-proton",
               product: "Red Hat Service Interconnect 1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:service_interconnect:1",
               ],
               defaultStatus: "affected",
               packageName: "skupper-cli",
               product: "Red Hat Service Interconnect 1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:service_interconnect:1",
               ],
               defaultStatus: "affected",
               packageName: "skupper-router",
               product: "Red Hat Service Interconnect 1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_software_collections:3",
               ],
               defaultStatus: "unaffected",
               packageName: "rh-git227-git-lfs",
               product: "Red Hat Software Collections",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:storage:3",
               ],
               defaultStatus: "unknown",
               packageName: "heketi",
               product: "Red Hat Storage 3",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank @qmuntal and @r3kumar for reporting this issue.",
            },
         ],
         datePublic: "2024-03-20T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the \"return nil, nil, fail(...)\" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-401",
                     description: "Missing Release of Memory after Effective Lifetime",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-25T17:00:13.700Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:1462",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1462",
            },
            {
               name: "RHSA-2024:1468",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1468",
            },
            {
               name: "RHSA-2024:1472",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1472",
            },
            {
               name: "RHSA-2024:1501",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1501",
            },
            {
               name: "RHSA-2024:1502",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1502",
            },
            {
               name: "RHSA-2024:1561",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1561",
            },
            {
               name: "RHSA-2024:1563",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1563",
            },
            {
               name: "RHSA-2024:1566",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1566",
            },
            {
               name: "RHSA-2024:1567",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1567",
            },
            {
               name: "RHSA-2024:1574",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1574",
            },
            {
               name: "RHSA-2024:1640",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1640",
            },
            {
               name: "RHSA-2024:1644",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1644",
            },
            {
               name: "RHSA-2024:1646",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1646",
            },
            {
               name: "RHSA-2024:1763",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1763",
            },
            {
               name: "RHSA-2024:1897",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1897",
            },
            {
               name: "RHSA-2024:2562",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2562",
            },
            {
               name: "RHSA-2024:2568",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2568",
            },
            {
               name: "RHSA-2024:2569",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2569",
            },
            {
               name: "RHSA-2024:2729",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2729",
            },
            {
               name: "RHSA-2024:2730",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2730",
            },
            {
               name: "RHSA-2024:2767",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2767",
            },
            {
               name: "RHSA-2024:3265",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3265",
            },
            {
               name: "RHSA-2024:3352",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3352",
            },
            {
               name: "RHSA-2024:4146",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4146",
            },
            {
               name: "RHSA-2024:4371",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4371",
            },
            {
               name: "RHSA-2024:4378",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4378",
            },
            {
               name: "RHSA-2024:4379",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4379",
            },
            {
               name: "RHSA-2024:4502",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4502",
            },
            {
               name: "RHSA-2024:4581",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4581",
            },
            {
               name: "RHSA-2024:4591",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4591",
            },
            {
               name: "RHSA-2024:4672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4672",
            },
            {
               name: "RHSA-2024:4699",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4699",
            },
            {
               name: "RHSA-2024:4761",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4761",
            },
            {
               name: "RHSA-2024:4762",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4762",
            },
            {
               name: "RHSA-2024:4960",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4960",
            },
            {
               name: "RHSA-2024:5258",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:5258",
            },
            {
               name: "RHSA-2024:5634",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:5634",
            },
            {
               name: "RHSA-2024:7262",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:7262",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-1394",
            },
            {
               name: "RHBZ#2262921",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262921",
            },
            {
               url: "https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136",
            },
            {
               url: "https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6",
            },
            {
               url: "https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f",
            },
            {
               url: "https://pkg.go.dev/vuln/GO-2024-2660",
            },
            {
               url: "https://vuln.go.dev/ID/GO-2024-2660.json",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-02-06T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-03-20T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-401: Missing Release of Memory after Effective Lifetime",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-1394",
      datePublished: "2024-03-21T12:16:38.790Z",
      dateReserved: "2024-02-09T06:02:35.056Z",
      dateUpdated: "2025-03-25T17:00:13.700Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-1753
Vulnerability from cvelistv5
Published
2024-03-18 14:23
Modified
2024-11-26 19:55
Severity ?
8.6 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Summary
A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.
References
https://access.redhat.com/errata/RHSA-2024:2049vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2055vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2064vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2066vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2077vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2084vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2089vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2090vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2097vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2098vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2548vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2645vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2669vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2672vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2784vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2877vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3254vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-1753vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2265513issue-tracking, x_refsource_REDHAT
https://github.com/containers/buildah/security/advisories/GHSA-pmf3-c36m-g5cf
https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3
https://pkg.go.dev/vuln/GO-2024-2658
Impacted products
Vendor Product Version
Version: 4.15.0
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8090020240413110917.d7b6f4b7   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8090020240417184044.e7857ab1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240419145834.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 8060020240422155330.3b538bd8   < *
    cpe:/a:redhat:rhel_eus:8.6::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 8060020240419071711.2e213529   < *
    cpe:/a:redhat:rhel_eus:8.6::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 8080020240422101606.0f77c1b7   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:1.31.5-1.el9_3   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:4.9.4-3.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 1:1.26.7-1.el9_0   < *
    cpe:/a:redhat:rhel_eus:9.0::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 2:4.2.0-3.el9_0   < *
    cpe:/a:redhat:rhel_eus:9.0::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 1:1.29.3-1.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 2:4.4.1-16.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 3:4.4.1-3.2.rhaos4.12.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 3:4.4.1-6.3.rhaos4.13.el9   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 3:4.4.1-7.3.rhaos4.13.el8   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 3:4.4.1-13.4.rhaos4.14.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 3:4.4.1-23.2.rhaos4.15.el8   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-1753",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-02T15:05:28.144862Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T18:00:10.892Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T18:48:22.005Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:2049",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2049",
               },
               {
                  name: "RHSA-2024:2055",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2055",
               },
               {
                  name: "RHSA-2024:2064",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2064",
               },
               {
                  name: "RHSA-2024:2066",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2066",
               },
               {
                  name: "RHSA-2024:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2077",
               },
               {
                  name: "RHSA-2024:2084",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2084",
               },
               {
                  name: "RHSA-2024:2089",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2089",
               },
               {
                  name: "RHSA-2024:2090",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2090",
               },
               {
                  name: "RHSA-2024:2097",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2097",
               },
               {
                  name: "RHSA-2024:2098",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2098",
               },
               {
                  name: "RHSA-2024:2548",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2548",
               },
               {
                  name: "RHSA-2024:2645",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2645",
               },
               {
                  name: "RHSA-2024:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2669",
               },
               {
                  name: "RHSA-2024:2672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2672",
               },
               {
                  name: "RHSA-2024:2784",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2784",
               },
               {
                  name: "RHSA-2024:2877",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2877",
               },
               {
                  name: "RHSA-2024:3254",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:3254",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-1753",
               },
               {
                  name: "RHBZ#2265513",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265513",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/containers/buildah/security/advisories/GHSA-pmf3-c36m-g5cf",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCRZVUDOFM5CPREQKBEU2VK2QK62PSBP/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYMVMQ7RWMDTSKQTBO734BE3WQPI2AJ/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVBSVZGVABPYIHK5HZM472NPGWMI7WXH/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift/builder/",
               defaultStatus: "unaffected",
               packageName: "buildah",
               versions: [
                  {
                     status: "affected",
                     version: "4.15.0",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:4.0",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8090020240413110917.d7b6f4b7",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8090020240417184044.e7857ab1",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8100020240419145834.afee755d",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:8.6::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8.6 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8060020240422155330.3b538bd8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:8.6::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:4.0",
               product: "Red Hat Enterprise Linux 8.6 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8060020240419071711.2e213529",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:8.8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8.8 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8080020240422101606.0f77c1b7",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.31.5-1.el9_3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:4.9.4-3.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.0::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9.0 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.26.7-1.el9_0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.0::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9.0 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:4.2.0-3.el9_0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.29.3-1.el9_2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:4.4.1-16.el9_2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-3.2.rhaos4.12.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-6.3.rhaos4.13.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-7.3.rhaos4.13.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-13.4.rhaos4.14.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-23.2.rhaos4.15.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unknown",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-03-18T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-59",
                     description: "Improper Link Resolution Before File Access ('Link Following')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-26T19:55:15.725Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:2049",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2049",
            },
            {
               name: "RHSA-2024:2055",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2055",
            },
            {
               name: "RHSA-2024:2064",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2064",
            },
            {
               name: "RHSA-2024:2066",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2066",
            },
            {
               name: "RHSA-2024:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2077",
            },
            {
               name: "RHSA-2024:2084",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2084",
            },
            {
               name: "RHSA-2024:2089",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2089",
            },
            {
               name: "RHSA-2024:2090",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2090",
            },
            {
               name: "RHSA-2024:2097",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2097",
            },
            {
               name: "RHSA-2024:2098",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2098",
            },
            {
               name: "RHSA-2024:2548",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2548",
            },
            {
               name: "RHSA-2024:2645",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2645",
            },
            {
               name: "RHSA-2024:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2669",
            },
            {
               name: "RHSA-2024:2672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2672",
            },
            {
               name: "RHSA-2024:2784",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2784",
            },
            {
               name: "RHSA-2024:2877",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2877",
            },
            {
               name: "RHSA-2024:3254",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3254",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-1753",
            },
            {
               name: "RHBZ#2265513",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265513",
            },
            {
               url: "https://github.com/containers/buildah/security/advisories/GHSA-pmf3-c36m-g5cf",
            },
            {
               url: "https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3",
            },
            {
               url: "https://pkg.go.dev/vuln/GO-2024-2658",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-02-22T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-03-18T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Buildah: full container escape at build time",
         workarounds: [
            {
               lang: "en",
               value: "When SELinux is enabled, the container is restricted to limited read-only access.",
            },
         ],
         x_redhatCweChain: "CWE-59: Improper Link Resolution Before File Access ('Link Following')",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-1753",
      datePublished: "2024-03-18T14:23:44.213Z",
      dateReserved: "2024-02-22T14:42:20.623Z",
      dateUpdated: "2024-11-26T19:55:15.725Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-45781
Vulnerability from cvelistv5
Published
2025-02-18 19:25
Modified
2025-03-15 00:18
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections.
References
https://access.redhat.com/security/cve/CVE-2024-45781vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345857issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-45781",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-19T14:43:23.432163Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-19T15:15:15.791Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T00:18:41.771Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-45781",
            },
            {
               name: "RHBZ#2345857",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345857",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-14T21:31:44.750000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: fs/ufs: oob write in the heap",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-787: Out-of-bounds Write",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-45781",
      datePublished: "2025-02-18T19:25:57.168Z",
      dateReserved: "2024-09-08T01:57:12.948Z",
      dateUpdated: "2025-03-15T00:18:41.771Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-0678
Vulnerability from cvelistv5
Published
2025-03-03 17:05
Modified
2025-03-25 05:01
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the direct_read() will perform a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, by-passing secure boot protections.
References
https://access.redhat.com/security/cve/CVE-2025-0678vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2346118issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.12
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-0678",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-04T16:15:54.571947Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-04T16:16:04.985Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.gnu.org/software/grub/",
               defaultStatus: "unaffected",
               packageName: "grub2",
               versions: [
                  {
                     lessThanOrEqual: "2.12",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the direct_read() will perform a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, by-passing secure boot protections.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-190",
                     description: "Integer Overflow or Wraparound",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-25T05:01:00.273Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-0678",
            },
            {
               name: "RHBZ#2346118",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346118",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-17T15:10:07.402000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: squash4: integer overflow may lead to heap based out-of-bounds write when reading data",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-190: Integer Overflow or Wraparound",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-0678",
      datePublished: "2025-03-03T17:05:41.928Z",
      dateReserved: "2025-01-23T16:30:21.331Z",
      dateUpdated: "2025-03-25T05:01:00.273Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-12698
Vulnerability from cvelistv5
Published
2024-12-18 05:07
Modified
2025-03-20 16:20
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability (CVE-2023-39325/CVE-2023-44487) where only unauthenticated streams were protected, not streams created by authenticated sources.
References
https://access.redhat.com/errata/RHSA-2024:6122vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-12698vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2332674issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202502052031.p0.gf95a88f.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-12698",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-12-18T15:11:09.265823Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-12-18T15:11:29.315Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/operator-framework/catalogd",
               defaultStatus: "unaffected",
               packageName: "catalogd",
               versions: [
                  {
                     lessThan: "1.1.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.18::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-olm-catalogd-rhel9",
               product: "Red Hat OpenShift Container Platform 4.18",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.18.0-202502052031.p0.gf95a88f.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
         ],
         datePublic: "2024-12-16T20:42:44.179Z",
         descriptions: [
            {
               lang: "en",
               value: "An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability (CVE-2023-39325/CVE-2023-44487) where only unauthenticated streams were protected, not streams created by authenticated sources.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "Uncontrolled Resource Consumption",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-20T16:20:53.773Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:6122",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6122",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-12698",
            },
            {
               name: "RHBZ#2332674",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2332674",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-12-16T20:19:08.503000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-12-16T20:42:44.179000+00:00",
               value: "Made public.",
            },
         ],
         title: "Ose-olm-catalogd-container: incomplete fix for rapid reset (cve-2023-39325/cve-2023-44487)",
         workarounds: [
            {
               lang: "en",
               value: "Red Hat Product Security does not have any mitigation recommendations at this time. Please update as soon as possible.",
            },
         ],
         x_redhatCweChain: "CWE-400: Uncontrolled Resource Consumption",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-12698",
      datePublished: "2024-12-18T05:07:21.026Z",
      dateReserved: "2024-12-16T22:31:49.130Z",
      dateUpdated: "2025-03-20T16:20:53.773Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-11217
Vulnerability from cvelistv5
Published
2024-11-15 20:48
Modified
2025-02-08 03:04
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability was found in the OAuth-server. OAuth-server logs the OAuth2 client secret when the logLevel is Debug higher for OIDC/GitHub/GitLab/Google IDPs login options.
References
https://access.redhat.com/security/cve/CVE-2024-11217vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2326230issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 4.12.*   
Version: 4.13.*   
Version: 4.14.*   
Version: 4.15.*   
Version: 4.16.*   
Version: 4.17.*   
Version: 4.18.*   
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-11217",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-15T21:09:10.428897Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-15T21:09:27.890Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift/oauth-server",
               defaultStatus: "unaffected",
               packageName: "oauth-server-container",
               versions: [
                  {
                     lessThan: "*",
                     status: "affected",
                     version: "4.12.*",
                     versionType: "semver",
                  },
                  {
                     lessThan: "*",
                     status: "affected",
                     version: "4.13.*",
                     versionType: "semver",
                  },
                  {
                     lessThan: "*",
                     status: "affected",
                     version: "4.14.*",
                     versionType: "semver",
                  },
                  {
                     lessThan: "*",
                     status: "affected",
                     version: "4.15.*",
                     versionType: "semver",
                  },
                  {
                     lessThan: "*",
                     status: "affected",
                     version: "4.16.*",
                     versionType: "semver",
                  },
                  {
                     lessThan: "*",
                     status: "affected",
                     version: "4.17.*",
                     versionType: "semver",
                  },
                  {
                     lessThan: "*",
                     status: "affected",
                     version: "4.18.*",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-oauth-server-rhel9",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by Xingxing Xia (OpenShift QE (Quality Engineering), Red Hat).",
            },
         ],
         datePublic: "2024-11-14T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability was found in the OAuth-server. OAuth-server logs the OAuth2 client secret when the logLevel is Debug higher for OIDC/GitHub/GitLab/Google IDPs login options.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Low",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 4.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-1295",
                     description: "Debug Messages Revealing Unnecessary Information",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-02-08T03:04:00.479Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-11217",
            },
            {
               name: "RHBZ#2326230",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2326230",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-11-14T12:49:38.971000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-11-14T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Oauth-server-container: oauth-server-container logs client secret in debug level",
         x_redhatCweChain: "CWE-1295: Debug Messages Revealing Unnecessary Information",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-11217",
      datePublished: "2024-11-15T20:48:46.460Z",
      dateReserved: "2024-11-14T12:57:54.752Z",
      dateUpdated: "2025-02-08T03:04:00.479Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-0793
Vulnerability from cvelistv5
Published
2024-11-17 10:45
Modified
2024-11-17 16:16
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Summary
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn.
References
https://access.redhat.com/errata/RHSA-2024:0741vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1267vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-0793vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2214402issue-tracking, x_refsource_REDHAT
https://github.com/openshift/kubernetes/pull/1876
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 0:4.12.0-202403042037.p0.g9946c63.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-0793",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-17T16:16:32.204219Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-17T16:16:49.847Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/kubernetes",
               defaultStatus: "unaffected",
               packageName: "kube-controller-manager",
               versions: [
                  {
                     lessThan: "1.27",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "baremetal-machine-controller-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "cluster-etcd-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "cluster-monitoring-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "cluster-network-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "cluster-node-tuning-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "cluster-version-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "configmap-reload-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "coredns-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "csi-attacher-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "csi-driver-manila-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "csi-driver-manila-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "csi-driver-nfs-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "csi-livenessprobe-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "csi-node-driver-registrar-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "csi-provisioner-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "driver-toolkit-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ibm-vpc-node-label-updater-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ironic-rhcos-downloader-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "kube-proxy-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "kube-rbac-proxy-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "kube-state-metrics-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "marketplace-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "multus-cni-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "oauth-server-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "oc-mirror-plugin-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-enterprise-cli-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-enterprise-console-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-enterprise-console-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-enterprise-deployer-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-enterprise-haproxy-router-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-enterprise-hyperkube-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-enterprise-keepalived-ipfailover-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-enterprise-pod-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-enterprise-registry-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-enterprise-tests-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-state-metrics-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "operator-lifecycle-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "operator-registry-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-agent-installer-api-server-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-agent-installer-csr-approver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-agent-installer-node-agent-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-agent-installer-orchestrator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-alibaba-cloud-controller-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-alibaba-cloud-csi-driver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-alibaba-disk-csi-driver-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-alibaba-machine-controllers-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-apiserver-network-proxy-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-aws-cloud-controller-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-aws-cluster-api-controllers-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-aws-ebs-csi-driver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-aws-ebs-csi-driver-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-aws-pod-identity-webhook-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-azure-cloud-controller-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-azure-cloud-node-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-azure-cluster-api-controllers-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-azure-disk-csi-driver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-azure-disk-csi-driver-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-azure-file-csi-driver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-azure-file-csi-driver-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-baremetal-installer-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-baremetal-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-baremetal-runtimecfg-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cli-artifacts-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cloud-credential-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cloud-network-config-controller-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-api-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-authentication-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-autoscaler-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-baremetal-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-bootstrap-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-capi-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-cloud-controller-manager-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-config-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-control-plane-machine-set-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-csi-snapshot-controller-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-dns-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-image-registry-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-ingress-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-kube-apiserver-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-kube-cluster-api-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-kube-controller-manager-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-kube-scheduler-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-kube-storage-version-migrator-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-machine-approver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-openshift-apiserver-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-openshift-controller-manager-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-ovirt-csi-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-platform-operators-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-policy-controller-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-storage-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-cluster-update-keys-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-containernetworking-plugins-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-csi-driver-shared-resource-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-csi-driver-shared-resource-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-csi-driver-shared-resource-webhook-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-csi-external-resizer-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-csi-external-snapshotter-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-csi-snapshot-controller-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-csi-snapshot-validation-webhook-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-egress-router-cni-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-etcd-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-gcp-cloud-controller-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-gcp-cluster-api-controllers-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-gcp-pd-csi-driver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-gcp-pd-csi-driver-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-hypershift-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-ibmcloud-cluster-api-controllers-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-ibm-cloud-controller-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-ibmcloud-machine-controllers-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-ibm-vpc-block-csi-driver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-ibm-vpc-block-csi-driver-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-image-customization-controller-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-insights-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-installer-artifacts-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-installer-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-kube-storage-version-migrator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-kubevirt-cloud-controller-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-kubevirt-csi-driver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-libvirt-machine-controllers-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-machine-api-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-machine-api-provider-aws-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-machine-api-provider-azure-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-machine-api-provider-gcp-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-machine-api-provider-openstack-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-machine-config-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-machine-os-images-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-multus-admission-controller-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-multus-networkpolicy-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-must-gather-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-network-interface-bond-cni-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-network-metrics-daemon-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-network-tools-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-node-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-nutanix-cloud-controller-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-nutanix-machine-controllers-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-oauth-apiserver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-olm-rukpak-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-openshift-apiserver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-openshift-controller-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-openstack-cinder-csi-driver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-openstack-cinder-csi-driver-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-openstack-cloud-controller-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-ovirt-csi-driver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-ovirt-machine-controllers-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-ovn-kubernetes-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-powervs-block-csi-driver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-powervs-block-csi-driver-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-powervs-cloud-controller-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-powervs-machine-controllers-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-prometheus-adapter-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-route-controller-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-service-ca-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-thanos-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-tools-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-vmware-vsphere-csi-driver-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-vmware-vsphere-csi-driver-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-vsphere-cloud-controller-manager-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-vsphere-cluster-api-controllers-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-vsphere-problem-detector-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "ovn-kubernetes-microshift-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "prometheus-config-reloader-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "prometheus-operator-admission-webhook-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "prometheus-operator-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "telemeter-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "unaffected",
               packageName: "vmware-vsphere-syncer-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.12.0-202403042037.p0.g9946c63.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "microshift",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Mikel Duke (USAA) for reporting this issue.",
            },
         ],
         datePublic: "2024-02-07T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.7,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-17T10:45:50.457Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:0741",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:0741",
            },
            {
               name: "RHSA-2024:1267",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1267",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-0793",
            },
            {
               name: "RHBZ#2214402",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2214402",
            },
            {
               url: "https://github.com/openshift/kubernetes/pull/1876",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2023-06-12T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-02-07T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Kube-controller-manager: malformed hpa v1 manifest causes crash",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-20: Improper Input Validation",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-0793",
      datePublished: "2024-11-17T10:45:50.457Z",
      dateReserved: "2024-01-22T21:32:10.068Z",
      dateUpdated: "2024-11-17T16:16:49.847Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-5366
Vulnerability from cvelistv5
Published
2023-10-06 17:43
Modified
2025-02-13 17:20
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
Summary
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.
References
https://access.redhat.com/security/cve/CVE-2023-5366vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2006347issue-tracking, x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2024/02/08/4
https://lists.debian.org/debian-lts-announce/2024/02/msg00004.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/
Impacted products
Vendor Product Version
n/a openvswitch
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.1     cpe:/a:redhat:openstack:16.1
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
   Red Hat Red Hat Virtualization 4     cpe:/:redhat:enterprise_linux:::hypervisor
 Create a notification for this product.
   Red Hat Red Hat Virtualization 4     cpe:/:redhat:enterprise_linux:::hypervisor
 Create a notification for this product.
   Fedora Fedora Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T07:59:43.267Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2023-5366",
               },
               {
                  name: "RHBZ#2006347",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2006347",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/02/08/4",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2024/02/msg00004.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "affected",
               product: "openvswitch",
               vendor: "n/a",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "openvswitch2.10",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "openvswitch2.11",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "openvswitch2.12",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch2.13",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch2.15",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "openvswitch2.11",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "openvswitch2.12",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch2.13",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch2.15",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "openvswitch2.16",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch2.17",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch3.1",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch2.17",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "openvswitch3.0",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch3.1",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unknown",
               packageName: "openvswitch-ovn-kubernetes",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unknown",
               packageName: "openvswitch2.15",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch2.16",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch2.17",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch3.0",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch3.1",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.1",
               ],
               defaultStatus: "unaffected",
               packageName: "rhosp-openvswitch",
               product: "Red Hat OpenStack Platform 16.1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.2",
               ],
               defaultStatus: "unaffected",
               packageName: "rhosp-openvswitch",
               product: "Red Hat OpenStack Platform 16.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/:redhat:enterprise_linux:::hypervisor",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch2.11",
               product: "Red Hat Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/:redhat:enterprise_linux:::hypervisor",
               ],
               defaultStatus: "affected",
               packageName: "redhat-virtualization-host",
               product: "Red Hat Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://packages.fedoraproject.org/",
               defaultStatus: "affected",
               packageName: "openvswitch",
               product: "Fedora",
               vendor: "Fedora",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by Alex Katz (Red Hat) and Slawomir Kaplonski (Red Hat).",
            },
         ],
         datePublic: "2023-09-26T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "LOW",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-345",
                     description: "Insufficient Verification of Data Authenticity",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-03-23T02:06:38.589Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2023-5366",
            },
            {
               name: "RHBZ#2006347",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2006347",
            },
            {
               url: "http://www.openwall.com/lists/oss-security/2024/02/08/4",
            },
            {
               url: "https://lists.debian.org/debian-lts-announce/2024/02/msg00004.html",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2021-09-21T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2023-09-26T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Openvswitch don't match packets on nd_target field",
         x_redhatCweChain: "CWE-345: Insufficient Verification of Data Authenticity",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2023-5366",
      datePublished: "2023-10-06T17:43:34.376Z",
      dateReserved: "2023-10-03T19:14:58.793Z",
      dateUpdated: "2025-02-13T17:20:09.786Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-45780
Vulnerability from cvelistv5
Published
2025-03-03 14:18
Modified
2025-03-05 20:42
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap out-of-bounds write. This flaw eventually allows an attacker to circumvent secure boot protections.
References
https://access.redhat.com/security/cve/CVE-2024-45780vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345856issue-tracking, x_refsource_REDHAT
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
Impacted products
Vendor Product Version
Version: 0    2.12
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-45780",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-03T15:07:37.406667Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-03T15:07:47.085Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.gnu.org/software/grub/",
               defaultStatus: "unaffected",
               packageName: "grub2",
               versions: [
                  {
                     lessThanOrEqual: "2.12",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap out-of-bounds write. This flaw eventually allows an attacker to circumvent secure boot protections.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-05T20:42:44.322Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-45780",
            },
            {
               name: "RHBZ#2345856",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345856",
            },
            {
               url: "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-14T21:26:01.414000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: fs/tar: integer overflow causes heap oob write",
         workarounds: [
            {
               lang: "en",
               value: "Do not run grub2 in an untrusted environment, specifically with a tar file system image.",
            },
         ],
         x_redhatCweChain: "CWE-190->CWE-787: Integer Overflow or Wraparound leads to Out-of-bounds Write",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-45780",
      datePublished: "2025-03-03T14:18:50.957Z",
      dateReserved: "2024-09-08T01:57:12.948Z",
      dateUpdated: "2025-03-05T20:42:44.322Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-12085
Vulnerability from cvelistv5
Published
2025-01-14 17:37
Modified
2025-03-20 07:05
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
References
https://access.redhat.com/errata/RHSA-2025:0324vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0325vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0637vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0688vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0714vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0774vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0787vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0790vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0849vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0884vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0885vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1120vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1123vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1128vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1225vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1227vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1242vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1451vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2701vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-12085vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2330539issue-tracking, x_refsource_REDHAT
https://kb.cert.org/vuls/id/952657
Impacted products
Vendor Product Version
Version: 0    3.3.0
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:3.0.6-12.el6_10.1   < *
    cpe:/o:redhat:rhel_els:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:3.1.2-12.el7_9.1   < *
    cpe:/o:redhat:rhel_els:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.1.3-20.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:3.1.3-7.el8_2.3   < *
    cpe:/o:redhat:rhel_aus:8.2::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:3.1.3-12.el8_4.3   < *
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:3.1.3-12.el8_4.3   < *
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:3.1.3-12.el8_4.3   < *
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:3.1.3-14.el8_6.6   < *
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:3.1.3-14.el8_6.6   < *
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:3.1.3-14.el8_6.6   < *
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:3.1.3-20.el8_8.1   < *
    cpe:/o:redhat:rhel_eus:8.8::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.2.3-20.el9_5.1   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.2.3-20.el9_5.1   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:3.2.3-9.el9_0.3   < *
    cpe:/o:redhat:rhel_e4s:9.0::baseos
    cpe:/a:redhat:rhel_e4s:9.0::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:3.2.3-19.el9_2.1   < *
    cpe:/o:redhat:rhel_eus:9.2::baseos
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:3.2.3-19.el9_4.1   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
    cpe:/o:redhat:rhel_eus:9.4::baseos
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 412.86.202502100314-0   < *
    cpe:/a:redhat:openshift:4.12::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 413.92.202503112237-0   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202502111902-0   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202501281917-0   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202501311735.p0.g2cb0020.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202501311933.p0.g4246d04.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202501311605.p0.g4246d04.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202502051822-0   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-22   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-10   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v6.8.1-454   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-17   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v1.0.0-537   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-4   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.4.0-339   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-4   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v1.1.0-320   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.1-552   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v3.3.2-9   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-5   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-12   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-5   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.1.0-725   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.1.0-342   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.28.1-88   < *
    cpe:/a:redhat:logging:5.8::el9
 Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v5.9.11-25   < *
    cpe:/a:redhat:logging:5.9::el9
 Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v5.9.11-11   < *
    cpe:/a:redhat:logging:5.9::el9
 Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v0.4.0-340   < *
    cpe:/a:redhat:logging:5.9::el9
 Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v5.9.11-5   < *
    cpe:/a:redhat:logging:5.9::el9
 Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v1.1.0-321   < *
    cpe:/a:redhat:logging:5.9::el9
 Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v3.3.2-8   < *
    cpe:/a:redhat:logging:5.9::el9
 Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v5.9.11-6   < *
    cpe:/a:redhat:logging:5.9::el9
 Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v5.9.11-9   < *
    cpe:/a:redhat:logging:5.9::el9
 Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v5.9.11-4   < *
    cpe:/a:redhat:logging:5.9::el9
 Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v0.1.0-724   < *
    cpe:/a:redhat:logging:5.9::el9
 Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v0.1.0-341   < *
    cpe:/a:redhat:logging:5.9::el9
 Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v0.34.1-30   < *
    cpe:/a:redhat:logging:5.9::el9
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-12085",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-26T00:00:00+00:00",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-27T04:55:13.505Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            references: [
               {
                  tags: [
                     "exploit",
                  ],
                  url: "https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj",
               },
            ],
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/RsyncProject/rsync",
               defaultStatus: "unaffected",
               packageName: "rsync",
               versions: [
                  {
                     lessThanOrEqual: "3.3.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_els:6",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.0.6-12.el6_10.1",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_els:7",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.1.2-12.el7_9.1",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::baseos",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.1.3-20.el8_10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_aus:8.2::baseos",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8.2 Advanced Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.1.3-7.el8_2.3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                  "cpe:/o:redhat:rhel_tus:8.4::baseos",
                  "cpe:/o:redhat:rhel_aus:8.4::baseos",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.1.3-12.el8_4.3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                  "cpe:/o:redhat:rhel_tus:8.4::baseos",
                  "cpe:/o:redhat:rhel_aus:8.4::baseos",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.1.3-12.el8_4.3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                  "cpe:/o:redhat:rhel_tus:8.4::baseos",
                  "cpe:/o:redhat:rhel_aus:8.4::baseos",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.1.3-12.el8_4.3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                  "cpe:/o:redhat:rhel_aus:8.6::baseos",
                  "cpe:/o:redhat:rhel_tus:8.6::baseos",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.1.3-14.el8_6.6",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                  "cpe:/o:redhat:rhel_aus:8.6::baseos",
                  "cpe:/o:redhat:rhel_tus:8.6::baseos",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.1.3-14.el8_6.6",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                  "cpe:/o:redhat:rhel_aus:8.6::baseos",
                  "cpe:/o:redhat:rhel_tus:8.6::baseos",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.1.3-14.el8_6.6",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_eus:8.8::baseos",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8.8 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.1.3-20.el8_8.1",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.2.3-20.el9_5.1",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.2.3-20.el9_5.1",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:9.0::baseos",
                  "cpe:/a:redhat:rhel_e4s:9.0::appstream",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.2.3-9.el9_0.3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_eus:9.2::baseos",
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.2.3-19.el9_2.1",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream",
                  "cpe:/o:redhat:rhel_eus:9.4::baseos",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 9.4 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.2.3-19.el9_4.1",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "412.86.202502100314-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "413.92.202503112237-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "414.92.202502111902-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "415.92.202501281917-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ansible-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-202501311735.p0.g2cb0020.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-helm-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-202501311933.p0.g4246d04.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-operator-sdk-rhel9",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-202501311605.p0.g4246d04.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "417.94.202502051822-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/cluster-logging-operator-bundle",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.8.17-22",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/cluster-logging-rhel9-operator",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.8.17-10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/elasticsearch6-rhel9",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v6.8.1-454",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/elasticsearch-operator-bundle",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.8.17-17",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/elasticsearch-proxy-rhel9",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v1.0.0-537",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/elasticsearch-rhel9-operator",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.8.17-4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/eventrouter-rhel9",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v0.4.0-339",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/fluentd-rhel9",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.8.17-4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/log-file-metric-exporter-rhel9",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v1.1.0-320",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/logging-curator5-rhel9",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.8.1-552",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/logging-loki-rhel9",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v3.3.2-9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/logging-view-plugin-rhel9",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.8.17-5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/loki-operator-bundle",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.8.17-12",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/loki-rhel9-operator",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.8.17-5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/lokistack-gateway-rhel9",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v0.1.0-725",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/opa-openshift-rhel9",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v0.1.0-342",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.8::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/vector-rhel9",
               product: "RHOL-5.8-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v0.28.1-88",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.9::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/cluster-logging-operator-bundle",
               product: "RHOL-5.9-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.9.11-25",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.9::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/cluster-logging-rhel9-operator",
               product: "RHOL-5.9-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.9.11-11",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.9::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/eventrouter-rhel9",
               product: "RHOL-5.9-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v0.4.0-340",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.9::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/fluentd-rhel9",
               product: "RHOL-5.9-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.9.11-5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.9::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/log-file-metric-exporter-rhel9",
               product: "RHOL-5.9-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v1.1.0-321",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.9::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/logging-loki-rhel9",
               product: "RHOL-5.9-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v3.3.2-8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.9::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/logging-view-plugin-rhel9",
               product: "RHOL-5.9-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.9.11-6",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.9::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/loki-operator-bundle",
               product: "RHOL-5.9-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.9.11-9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.9::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/loki-rhel9-operator",
               product: "RHOL-5.9-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v5.9.11-4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.9::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/lokistack-gateway-rhel9",
               product: "RHOL-5.9-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v0.1.0-724",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.9::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/opa-openshift-rhel9",
               product: "RHOL-5.9-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v0.1.0-341",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:logging:5.9::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift-logging/vector-rhel9",
               product: "RHOL-5.9-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v0.34.1-30",
                     versionType: "rpm",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Jasiel Spelman (Google), Pedro Gallegos (Google), and Simon Scannell (Google) for reporting this issue.",
            },
         ],
         datePublic: "2025-01-14T15:06:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-119",
                     description: "Improper Restriction of Operations within the Bounds of a Memory Buffer",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-20T07:05:52.614Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2025:0324",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0324",
            },
            {
               name: "RHSA-2025:0325",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0325",
            },
            {
               name: "RHSA-2025:0637",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0637",
            },
            {
               name: "RHSA-2025:0688",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0688",
            },
            {
               name: "RHSA-2025:0714",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0714",
            },
            {
               name: "RHSA-2025:0774",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0774",
            },
            {
               name: "RHSA-2025:0787",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0787",
            },
            {
               name: "RHSA-2025:0790",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0790",
            },
            {
               name: "RHSA-2025:0849",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0849",
            },
            {
               name: "RHSA-2025:0884",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0884",
            },
            {
               name: "RHSA-2025:0885",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0885",
            },
            {
               name: "RHSA-2025:1120",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1120",
            },
            {
               name: "RHSA-2025:1123",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1123",
            },
            {
               name: "RHSA-2025:1128",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1128",
            },
            {
               name: "RHSA-2025:1225",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1225",
            },
            {
               name: "RHSA-2025:1227",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1227",
            },
            {
               name: "RHSA-2025:1242",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1242",
            },
            {
               name: "RHSA-2025:1451",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1451",
            },
            {
               name: "RHSA-2025:2701",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2701",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-12085",
            },
            {
               name: "RHBZ#2330539",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2330539",
            },
            {
               url: "https://kb.cert.org/vuls/id/952657",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-12-05T12:06:36.594000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-01-14T15:06:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Rsync: info leak via uninitialized stack contents",
         workarounds: [
            {
               lang: "en",
               value: "Seeing as this vulnerability relies on information leakage coming from the presence of data in the uninitialized memory of the `sum2` buffer, a potential mitigation involves compiling rsync with the `-ftrivial-auto-var-init=zero` option set. This mitigates the issue because it initializes the `sum2` variable's memory with zeroes to prevent uninitialized memory disclosure.",
            },
         ],
         x_redhatCweChain: "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-12085",
      datePublished: "2025-01-14T17:37:16.036Z",
      dateReserved: "2024-12-03T08:57:53.329Z",
      dateUpdated: "2025-03-20T07:05:52.614Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-7008
Vulnerability from cvelistv5
Published
2023-12-23 13:00
Modified
2024-11-23 03:39
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.
References
https://access.redhat.com/errata/RHSA-2024:2463vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3203vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-7008vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2222261
https://bugzilla.redhat.com/show_bug.cgi?id=2222672issue-tracking, x_refsource_REDHAT
https://github.com/systemd/systemd/issues/25676
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:239-82.el8   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:252-32.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:252-32.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
 Create a notification for this product.
   Red Hat Cryostat 2     cpe:/a:redhat:cryostat:2
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-11-22T12:04:44.733Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:2463",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2463",
               },
               {
                  name: "RHSA-2024:3203",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:3203",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2023-7008",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2222261",
               },
               {
                  name: "RHBZ#2222672",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2222672",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/systemd/systemd/issues/25676",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GMDEG5PKONWNHOEYSUDRT6JEOISRMN2/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHNBXGKJWISJETTTDTZKTBFIBJUOSLKL/",
               },
               {
                  url: "https://security.netapp.com/advisory/ntap-20241122-0004/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::baseos",
               ],
               defaultStatus: "affected",
               packageName: "systemd",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:239-82.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::crb",
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
               ],
               defaultStatus: "affected",
               packageName: "systemd",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:252-32.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::crb",
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
               ],
               defaultStatus: "affected",
               packageName: "systemd",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:252-32.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:cryostat:2",
               ],
               defaultStatus: "unaffected",
               packageName: "systemd",
               product: "Cryostat 2",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2022-12-08T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-300",
                     description: "Channel Accessible by Non-Endpoint",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-23T03:39:26.132Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:2463",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2463",
            },
            {
               name: "RHSA-2024:3203",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3203",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2023-7008",
            },
            {
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2222261",
            },
            {
               name: "RHBZ#2222672",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2222672",
            },
            {
               url: "https://github.com/systemd/systemd/issues/25676",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2023-07-12T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2022-12-08T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-300: Channel Accessible by Non-Endpoint",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2023-7008",
      datePublished: "2023-12-23T13:00:50.515Z",
      dateReserved: "2023-12-20T15:28:32.966Z",
      dateUpdated: "2024-11-23T03:39:26.132Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-0622
Vulnerability from cvelistv5
Published
2025-02-18 19:26
Modified
2025-03-15 01:03
Severity ?
6.4 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass secure boot protections.
References
https://access.redhat.com/security/cve/CVE-2025-0622vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345865issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-0622",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-18T19:41:48.648607Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-18T19:42:01.129Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass secure boot protections.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-416",
                     description: "Use After Free",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T01:03:14.687Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-0622",
            },
            {
               name: "RHBZ#2345865",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345865",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-14T22:20:05.935000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: command/gpg: use-after-free due to hooks not being removed on module unload",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-416: Use After Free",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-0622",
      datePublished: "2025-02-18T19:26:13.082Z",
      dateReserved: "2025-01-21T16:25:15.532Z",
      dateUpdated: "2025-03-15T01:03:14.687Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-5154
Vulnerability from cvelistv5
Published
2024-06-12 08:51
Modified
2024-12-11 03:44
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
Summary
A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.
References
https://access.redhat.com/errata/RHSA-2024:10818vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3676vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3700vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4008vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4486vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-5154vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2280190issue-tracking, x_refsource_REDHAT
https://github.com/cri-o/cri-o/security/advisories/GHSA-j9hf-98c3-wrm8
Impacted products
Vendor Product Version
Version: 1.30.0   
Version: 1.29.4   
Version: 1.28.6   
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 0:1.25.5-21.2.rhaos4.12.gita3eb75f.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 0:1.26.5-18.2.rhaos4.13.git2e90133.el9   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:1.27.7-3.rhaos4.14.git674563e.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:1.28.7-2.rhaos4.15.git111aec5.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202412040832-0   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-5154",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-13T20:15:38.501353Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-13T20:15:45.221Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T21:03:11.031Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:3676",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:3676",
               },
               {
                  name: "RHSA-2024:3700",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:3700",
               },
               {
                  name: "RHSA-2024:4008",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4008",
               },
               {
                  name: "RHSA-2024:4486",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4486",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-5154",
               },
               {
                  name: "RHBZ#2280190",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2280190",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/cri-o/cri-o/security/advisories/GHSA-j9hf-98c3-wrm8",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/cri-o/cri-o",
               defaultStatus: "unaffected",
               packageName: "cri-o",
               versions: [
                  {
                     lessThan: "1.30.1",
                     status: "affected",
                     version: "1.30.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.29.5",
                     status: "affected",
                     version: "1.29.4",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.28.7",
                     status: "affected",
                     version: "1.28.6",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.25.5-21.2.rhaos4.12.gita3eb75f.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.26.5-18.2.rhaos4.13.git2e90133.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.27.7-3.rhaos4.14.git674563e.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.28.7-2.rhaos4.15.git111aec5.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "417.94.202412040832-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:rhel8/podman",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "conmon",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unknown",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Erik Sjölund (erik.sjolund@gmail.com) for reporting this issue.",
            },
         ],
         datePublic: "2024-05-27T18:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-12-11T03:44:42.486Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:10818",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10818",
            },
            {
               name: "RHSA-2024:3676",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3676",
            },
            {
               name: "RHSA-2024:3700",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3700",
            },
            {
               name: "RHSA-2024:4008",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4008",
            },
            {
               name: "RHSA-2024:4486",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4486",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-5154",
            },
            {
               name: "RHBZ#2280190",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2280190",
            },
            {
               url: "https://github.com/cri-o/cri-o/security/advisories/GHSA-j9hf-98c3-wrm8",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-05-10T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-05-27T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Cri-o: malicious container can create symlink on host",
         workarounds: [
            {
               lang: "en",
               value: "There is no mitigation available for this vulnerability, a package update is required.",
            },
         ],
         x_redhatCweChain: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-5154",
      datePublished: "2024-06-12T08:51:43.565Z",
      dateReserved: "2024-05-20T20:46:53.974Z",
      dateUpdated: "2024-12-11T03:44:42.486Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-3154
Vulnerability from cvelistv5
Published
2024-04-26 03:12
Modified
2024-09-16 19:15
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system.
References
https://access.redhat.com/errata/RHSA-2024:2669vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2672vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2784vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3496vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-3154vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2272532issue-tracking, x_refsource_REDHAT
https://github.com/cri-o/cri-o/security/advisories/GHSA-2cgq-h8xw-2v5j
https://github.com/opencontainers/runc/pull/4217
https://github.com/opencontainers/runtime-spec/blob/main/features.md#unsafe-annotations-in-configjson
Impacted products
Vendor Product Version
Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 0:1.25.5-16.2.rhaos4.12.gitcb09013.el8   < *
    cpe:/a:redhat:openshift:4.12::el9
    cpe:/a:redhat:openshift:4.12::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 0:1.26.5-16.2.rhaos4.13.git67e2a9d.el9   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:1.27.6-2.rhaos4.14.gitb3bd0bf.el8   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:1.28.6-2.rhaos4.15.git77bbb1c.el9   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-3154",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-04-26T17:14:54.871751Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:31:24.003Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T20:05:07.032Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2669",
               },
               {
                  name: "RHSA-2024:2672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2672",
               },
               {
                  name: "RHSA-2024:2784",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2784",
               },
               {
                  name: "RHSA-2024:3496",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:3496",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-3154",
               },
               {
                  name: "RHBZ#2272532",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272532",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/cri-o/cri-o/security/advisories/GHSA-2cgq-h8xw-2v5j",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/opencontainers/runc/pull/4217",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/opencontainers/runtime-spec/blob/main/features.md#unsafe-annotations-in-configjson",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el9",
                  "cpe:/a:redhat:openshift:4.12::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.25.5-16.2.rhaos4.12.gitcb09013.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.26.5-16.2.rhaos4.13.git67e2a9d.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el9",
                  "cpe:/a:redhat:openshift:4.14::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.27.6-2.rhaos4.14.gitb3bd0bf.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.28.6-2.rhaos4.15.git77bbb1c.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unaffected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Akihiro Suda and Cédric Clerget for reporting this issue. Upstream acknowledges the CRI-O team as the original reporter.",
            },
         ],
         datePublic: "2024-04-22T16:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-77",
                     description: "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-16T19:15:59.066Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2669",
            },
            {
               name: "RHSA-2024:2672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2672",
            },
            {
               name: "RHSA-2024:2784",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2784",
            },
            {
               name: "RHSA-2024:3496",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3496",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-3154",
            },
            {
               name: "RHBZ#2272532",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272532",
            },
            {
               url: "https://github.com/cri-o/cri-o/security/advisories/GHSA-2cgq-h8xw-2v5j",
            },
            {
               url: "https://github.com/opencontainers/runc/pull/4217",
            },
            {
               url: "https://github.com/opencontainers/runtime-spec/blob/main/features.md#unsafe-annotations-in-configjson",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-04-01T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-04-22T16:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Cri-o: arbitrary command injection via pod annotation",
         x_redhatCweChain: "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-3154",
      datePublished: "2024-04-26T03:12:38.036Z",
      dateReserved: "2024-04-01T19:43:56.801Z",
      dateUpdated: "2024-09-16T19:15:59.066Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-45774
Vulnerability from cvelistv5
Published
2025-02-18 18:25
Modified
2025-03-15 00:16
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded.
References
https://access.redhat.com/security/cve/CVE-2024-45774vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2337461issue-tracking, x_refsource_REDHAT
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-45774",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-18T18:54:05.276428Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-18T18:54:56.634Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T00:16:03.605Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-45774",
            },
            {
               name: "RHBZ#2337461",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2337461",
            },
            {
               url: "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-01-13T22:37:58.096000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: reader/jpeg: heap oob write during jpeg parsing",
         workarounds: [
            {
               lang: "en",
               value: "Do not process untrusted JPEG files with grub2.",
            },
         ],
         x_redhatCweChain: "CWE-787: Out-of-bounds Write",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-45774",
      datePublished: "2025-02-18T18:25:09.511Z",
      dateReserved: "2024-09-08T01:57:12.947Z",
      dateUpdated: "2025-03-15T00:16:03.605Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-12401
Vulnerability from cvelistv5
Published
2024-12-12 09:06
Modified
2025-03-15 05:58
Severity ?
4.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service (DoS) vector for the cert-manager in the cluster.
References
https://access.redhat.com/security/cve/CVE-2024-12401vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2327929issue-tracking, x_refsource_REDHAT
https://github.com/cert-manager/cert-manager/pull/7400
https://github.com/cert-manager/cert-manager/pull/7401
https://github.com/cert-manager/cert-manager/pull/7402
https://github.com/cert-manager/cert-manager/pull/7403
https://github.com/cert-manager/cert-manager/security/advisories/GHSA-r4pg-vg54-wxx4
https://go.dev/issue/50116
Impacted products
Vendor Product Version
Version: 0    1.12.14
Version: 1.13.0-alpha.0    1.15.4
Version: 1.16.0-alpha.0    1.16.2
 Create a notification for this product.
   Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
 Create a notification for this product.
   Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
 Create a notification for this product.
   Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
 Create a notification for this product.
   Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
 Create a notification for this product.
   Red Hat Cryostat 3     cpe:/a:redhat:cryostat:3
 Create a notification for this product.
   Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
 Create a notification for this product.
   Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
 Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
   Red Hat Red Hat Connectivity Link     cpe:/a:redhat:hybrid_cloud_gateway:1::el9
 Create a notification for this product.
   Red Hat Red Hat Connectivity Link     cpe:/a:redhat:hybrid_cloud_gateway:1::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-12401",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-12-12T15:21:20.829376Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-12-12T15:44:58.794Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/cert-manager/cert-manager",
               defaultStatus: "unaffected",
               packageName: "cert-manager",
               versions: [
                  {
                     lessThanOrEqual: "1.12.14",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "1.15.4",
                     status: "affected",
                     version: "1.13.0-alpha.0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "1.16.2",
                     status: "affected",
                     version: "1.16.0-alpha.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:cert_manager:1",
               ],
               defaultStatus: "affected",
               packageName: "cert-manager/cert-manager-operator-bundle",
               product: "cert-manager Operator for Red Hat OpenShift",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:cert_manager:1",
               ],
               defaultStatus: "affected",
               packageName: "cert-manager/cert-manager-operator-rhel9",
               product: "cert-manager Operator for Red Hat OpenShift",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:cert_manager:1",
               ],
               defaultStatus: "affected",
               packageName: "cert-manager/jetstack-cert-manager-acmesolver-rhel9",
               product: "cert-manager Operator for Red Hat OpenShift",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:cert_manager:1",
               ],
               defaultStatus: "affected",
               packageName: "cert-manager/jetstack-cert-manager-rhel9",
               product: "cert-manager Operator for Red Hat OpenShift",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:cryostat:3",
               ],
               defaultStatus: "affected",
               packageName: "cryostat-tech-preview/cryostat-rhel8-operator",
               product: "Cryostat 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:multicluster_engine",
               ],
               defaultStatus: "affected",
               packageName: "multicluster-engine/assisted-service-8-rhel8",
               product: "Multicluster Engine for Kubernetes",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:multicluster_engine",
               ],
               defaultStatus: "affected",
               packageName: "multicluster-engine/assisted-service-9-rhel9",
               product: "Multicluster Engine for Kubernetes",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:serverless:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-serverless-1/serving-activator-rhel8",
               product: "OpenShift Serverless",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:serverless:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-serverless-1/serving-autoscaler-hpa-rhel8",
               product: "OpenShift Serverless",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:serverless:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-serverless-1/serving-autoscaler-rhel8",
               product: "OpenShift Serverless",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:serverless:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-serverless-1/serving-controller-rhel8",
               product: "OpenShift Serverless",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:serverless:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-serverless-1/serving-queue-rhel8",
               product: "OpenShift Serverless",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:serverless:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-serverless-1/serving-storage-version-migration-rhel8",
               product: "OpenShift Serverless",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:serverless:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-serverless-1/serving-webhook-rhel8",
               product: "OpenShift Serverless",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:hybrid_cloud_gateway:1::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcl-operator-bundle-container",
               product: "Red Hat Connectivity Link",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:hybrid_cloud_gateway:1::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcl-operator-container",
               product: "Red Hat Connectivity Link",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-api-server-rhel8",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-contour-rhel8",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_data_foundation:4",
               ],
               defaultStatus: "affected",
               packageName: "odf4/rook-ceph-rhel8-operator",
               product: "Red Hat Openshift Data Foundation 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_gitops:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-gitops-1/gitops-rhel8-operator",
               product: "Red Hat OpenShift GitOps",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-11-21T19:52:52.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service (DoS) vector for the cert-manager in the cluster.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Low",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 4.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T05:58:20.676Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-12401",
            },
            {
               name: "RHBZ#2327929",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2327929",
            },
            {
               url: "https://github.com/cert-manager/cert-manager/pull/7400",
            },
            {
               url: "https://github.com/cert-manager/cert-manager/pull/7401",
            },
            {
               url: "https://github.com/cert-manager/cert-manager/pull/7402",
            },
            {
               url: "https://github.com/cert-manager/cert-manager/pull/7403",
            },
            {
               url: "https://github.com/cert-manager/cert-manager/security/advisories/GHSA-r4pg-vg54-wxx4",
            },
            {
               url: "https://go.dev/issue/50116",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-11-21T23:00:43.367021+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-11-21T19:52:52+00:00",
               value: "Made public.",
            },
         ],
         title: "Cert-manager: potential dos when parsing specially crafted pem inputs",
         x_redhatCweChain: "CWE-20: Improper Input Validation",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-12401",
      datePublished: "2024-12-12T09:06:03.612Z",
      dateReserved: "2024-12-10T13:30:10.806Z",
      dateUpdated: "2025-03-15T05:58:20.676Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-25720
Vulnerability from cvelistv5
Published
2024-11-17 10:17
Modified
2024-11-21 20:51
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This issue occurs because the administrator owns the object due to the lack of an Access Control List (ACL) at the time of creation and later being recognized as the 'creator owner.' The retained significant rights of the delegated administrator may not be well understood, potentially leading to unintended privilege escalation or security risks.
References
https://access.redhat.com/security/cve/CVE-2020-25720vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2305954issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat Storage 3     cpe:/a:redhat:storage:3
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2020-25720",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-17T16:18:39.310986Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-17T16:18:49.431Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://git.samba.org/samba.git",
               defaultStatus: "unaffected",
               packageName: "samba",
               versions: [
                  {
                     lessThan: "4.17.8",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unaffected",
               packageName: "samba",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unaffected",
               packageName: "samba4",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "samba",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "samba",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "samba",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:storage:3",
               ],
               defaultStatus: "unaffected",
               packageName: "samba",
               product: "Red Hat Storage 3",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2022-06-14T00:12:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This issue occurs because the administrator owns the object due to the lack of an Access Control List (ACL) at the time of creation and later being recognized as the 'creator owner.' The retained significant rights of the delegated administrator may not be well understood, potentially leading to unintended privilege escalation or security risks.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-264",
                     description: "CWE-264",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-21T20:51:52.457Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2020-25720",
            },
            {
               name: "RHBZ#2305954",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2305954",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-07-16T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2022-06-14T00:12:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Samba: check attribute access rights for ldap adds of computers",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-264",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2020-25720",
      datePublished: "2024-11-17T10:17:07.511Z",
      dateReserved: "2020-09-16T00:00:00.000Z",
      dateUpdated: "2024-11-21T20:51:52.457Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-6508
Vulnerability from cvelistv5
Published
2024-08-21 05:45
Modified
2025-01-09 08:42
Severity ?
8.0 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Summary
An insufficient entropy vulnerability was found in the Openshift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery (CSRF) attack if the state parameter is used inefficiently. This flaw allows logging into the victim’s current application account using a third-party account without any restrictions.
References
https://access.redhat.com/errata/RHSA-2024:10813vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7922vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8415vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8991vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9620vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0014vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6508vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2295777issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: v4.12.0-202412201659.p0.g8910d84.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: v4.13.0-202411300029.p0.g68accd9.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202411131205.p0.g839a801.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202411060036.p0.gd8360d4.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202410231737.p0.gf0870c3.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202410091535.p0.ge61f187.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-6508",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-21T13:24:02.161482Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-21T13:38:00.878Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift/console",
               defaultStatus: "affected",
               packageName: "openshift-console",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.12.0-202412201659.p0.g8910d84.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.13.0-202411300029.p0.g68accd9.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202411131205.p0.g839a801.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202411060036.p0.gd8360d4.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console-rhel9",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-202410231737.p0.gf0870c3.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console-rhel9",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.17.0-202410091535.p0.ge61f187.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
         ],
         datePublic: "2024-08-19T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "An insufficient entropy vulnerability was found in the Openshift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery (CSRF) attack if the state parameter is used inefficiently. This flaw allows logging into the victim’s current application account using a third-party account without any restrictions.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-331",
                     description: "Insufficient Entropy",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-01-09T08:42:23.326Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:10813",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10813",
            },
            {
               name: "RHSA-2024:7922",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:7922",
            },
            {
               name: "RHSA-2024:8415",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8415",
            },
            {
               name: "RHSA-2024:8991",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8991",
            },
            {
               name: "RHSA-2024:9620",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9620",
            },
            {
               name: "RHSA-2025:0014",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0014",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-6508",
            },
            {
               name: "RHBZ#2295777",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295777",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-06-17T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-08-19T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Openshift-console: oauth2 insufficient state parameter entropy",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-331: Insufficient Entropy",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-6508",
      datePublished: "2024-08-21T05:45:28.303Z",
      dateReserved: "2024-07-04T11:10:33.464Z",
      dateUpdated: "2025-01-09T08:42:23.326Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-45497
Vulnerability from cvelistv5
Published
2024-12-31 02:19
Modified
2025-02-07 04:30
Severity ?
7.6 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Summary
A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from private repositories. The mount is not read-only, which allows the attacker to overwrite it. By modifying the config.json file, the attacker can cause a denial of service by preventing the node from pulling new images and potentially exfiltrating sensitive secrets. This flaw impacts the availability of services dependent on image pulls and exposes sensitive information to unauthorized parties.
References
https://access.redhat.com/security/cve/CVE-2024-45497vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2308673issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 4.16   
Create a notification for this product.
   Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-45497",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-12-31T15:53:54.435304Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-12-31T15:54:01.852Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift",
               defaultStatus: "unknown",
               packageName: "openshift",
               versions: [
                  {
                     status: "affected",
                     version: "4.16",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:jboss_fuse:7",
               ],
               defaultStatus: "unknown",
               packageName: "org.arquillian.cube/arquillian-cube-openshift-api",
               product: "Red Hat Fuse 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-openshift-apiserver-operator",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openshift-apiserver-rhel9",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by Thibault Guittet (Red Hat).",
            },
         ],
         datePublic: "2024-12-15T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from private repositories. The mount is not read-only, which allows the attacker to overwrite it. By modifying the config.json file, the attacker can cause a denial of service by preventing the node from pulling new images and potentially exfiltrating sensitive secrets. This flaw impacts the availability of services dependent on image pulls and exposes sensitive information to unauthorized parties.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-732",
                     description: "Incorrect Permission Assignment for Critical Resource",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-02-07T04:30:40.851Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-45497",
            },
            {
               name: "RHBZ#2308673",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308673",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-08-29T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-12-15T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Openshift-api: build process in openshift allows overwriting of node pull credentials",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-732: Incorrect Permission Assignment for Critical Resource",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-45497",
      datePublished: "2024-12-31T02:19:22.553Z",
      dateReserved: "2024-08-30T10:12:13.684Z",
      dateUpdated: "2025-02-07T04:30:40.851Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-6387
Vulnerability from cvelistv5
Published
2024-07-01 12:37
Modified
2024-11-24 17:19
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
References
https://access.redhat.com/errata/RHSA-2024:4312vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4340vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4389vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4469vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4474vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4479vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4484vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6387vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2294604issue-tracking, x_refsource_REDHAT
https://santandersecurityresearch.github.io/blog/sshing_the_masses.html
https://www.openssh.com/txt/release-9.8
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
Impacted products
Vendor Product Version
Version: 8.5p1   <
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:8.7p1-38.el9_4.1   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:8.7p1-38.el9_4.1   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:8.7p1-12.el9_0.1   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
    cpe:/o:redhat:rhel_e4s:9.0::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:8.7p1-30.el9_2.4   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
    cpe:/o:redhat:rhel_eus:9.2::baseos
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 413.92.202407091321-0   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202407091253-0   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202407091355-0   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202407081958-0   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat Ceph Storage 5     cpe:/a:redhat:ceph_storage:5
 Create a notification for this product.
   Red Hat Red Hat Ceph Storage 6     cpe:/a:redhat:ceph_storage:6
 Create a notification for this product.
   Red Hat Red Hat Ceph Storage 7     cpe:/a:redhat:ceph_storage:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-6387",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-02T13:18:34.695298Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-02T13:18:46.662Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-19T07:47:51.801Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/01/12",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/01/13",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/02/1",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/03/1",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/03/11",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/03/2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/03/3",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/03/4",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/03/5",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/04/1",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/04/2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/08/2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/08/3",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/09/2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/09/5",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/10/1",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/10/2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/10/3",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/10/4",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/10/6",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/11/1",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/11/3",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/23/4",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/23/6",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/28/2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/28/3",
               },
               {
                  name: "RHSA-2024:4312",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4312",
               },
               {
                  name: "RHSA-2024:4340",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4340",
               },
               {
                  name: "RHSA-2024:4389",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4389",
               },
               {
                  name: "RHSA-2024:4469",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4469",
               },
               {
                  name: "RHSA-2024:4474",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4474",
               },
               {
                  name: "RHSA-2024:4479",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4479",
               },
               {
                  name: "RHSA-2024:4484",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4484",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-6387",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server",
               },
               {
                  name: "RHBZ#2294604",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294604",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://explore.alas.aws.amazon.com/CVE-2024-6387.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/AlmaLinux/updates/issues/629",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/Azure/AKS/issues/4379",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/PowerShell/Win32-OpenSSH/issues/2249",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/microsoft/azurelinux/issues/9555",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/oracle/oracle-linux/issues/149",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/rapier1/hpn-ssh/issues/87",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/zgzhang/cve-2024-6387-poc",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://news.ycombinator.com/item?id=40843778",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security-tracker.debian.org/tracker/CVE-2024-6387",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20240701-0001/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://sig-security.rocky.page/issues/CVE-2024-6387/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://ubuntu.com/security/CVE-2024-6387",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://ubuntu.com/security/notices/USN-6859-1",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.openssh.com/txt/release-9.8",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.suse.com/security/cve/CVE-2024-6387.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.theregister.com/2024/07/01/regresshion_openssh/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214119",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214118",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214120",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jul/20",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jul/18",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jul/19",
               },
               {
                  url: "https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.openssh.com/",
               defaultStatus: "unaffected",
               packageName: "OpenSSH",
               repo: "https://anongit.mindrot.org/openssh.git",
               versions: [
                  {
                     lessThanOrEqual: "9.7p1",
                     status: "affected",
                     version: "8.5p1",
                     versionType: "custom",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:8.7p1-38.el9_4.1",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:8.7p1-38.el9_4.1",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_e4s:9.0::appstream",
                  "cpe:/o:redhat:rhel_e4s:9.0::baseos",
               ],
               defaultStatus: "affected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:8.7p1-12.el9_0.1",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
                  "cpe:/o:redhat:rhel_eus:9.2::baseos",
               ],
               defaultStatus: "affected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:8.7p1-30.el9_2.4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "413.92.202407091321-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "414.92.202407091253-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "415.92.202407091355-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "416.94.202407081958-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ceph_storage:5",
               ],
               defaultStatus: "unaffected",
               packageName: "openssh",
               product: "Red Hat Ceph Storage 5",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ceph_storage:6",
               ],
               defaultStatus: "affected",
               packageName: "openssh",
               product: "Red Hat Ceph Storage 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ceph_storage:7",
               ],
               defaultStatus: "affected",
               packageName: "openssh",
               product: "Red Hat Ceph Storage 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unaffected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue.",
            },
         ],
         datePublic: "2024-07-01T08:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-364",
                     description: "Signal Handler Race Condition",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-24T17:19:20.471Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:4312",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4312",
            },
            {
               name: "RHSA-2024:4340",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4340",
            },
            {
               name: "RHSA-2024:4389",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4389",
            },
            {
               name: "RHSA-2024:4469",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4469",
            },
            {
               name: "RHSA-2024:4474",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4474",
            },
            {
               name: "RHSA-2024:4479",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4479",
            },
            {
               name: "RHSA-2024:4484",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4484",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-6387",
            },
            {
               name: "RHBZ#2294604",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294604",
            },
            {
               url: "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html",
            },
            {
               url: "https://www.openssh.com/txt/release-9.8",
            },
            {
               url: "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-06-27T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-07-01T08:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Openssh: regresshion - race condition in ssh allows rce/dos",
         workarounds: [
            {
               lang: "en",
               value: "The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections.\n\n1) As root user, open the /etc/ssh/sshd_config\n2) Add or edit the parameter configuration:\n~~~\nLoginGraceTime 0\n~~~\n3) Save and close the file\n4) Restart the sshd daemon:\n~~~\nsystemctl restart sshd.service\n~~~\n\nSetting LoginGraceTime to 0 disables the SSHD server's ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like 'fail2ban' alongside a firewall to monitor log files and manage connections appropriately.\n\nIf any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed.",
            },
         ],
         x_redhatCweChain: "CWE-364: Signal Handler Race Condition",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-6387",
      datePublished: "2024-07-01T12:37:25.431Z",
      dateReserved: "2024-06-27T13:41:03.421Z",
      dateUpdated: "2024-11-24T17:19:20.471Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-7128
Vulnerability from cvelistv5
Published
2024-07-26 13:34
Modified
2025-03-13 03:37
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
A flaw was found in the OpenShift console. Several endpoints in the application use the authHandler() and authHandlerWithUser() middleware functions. When the default authentication provider ("openShiftAuth") is set, these functions do not perform any authentication checks, relying instead on the targeted service to handle authentication and authorization. This issue leads to various degrees of data exposure due to a lack of proper credential verification.
References
https://access.redhat.com/security/cve/CVE-2024-7128vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2300037issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 4.16   
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-7128",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-26T14:58:46.268772Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-26T20:16:49.987Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T21:52:30.646Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-7128",
               },
               {
                  name: "RHBZ#2300037",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300037",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift/console",
               defaultStatus: "unknown",
               packageName: "openshift-console",
               versions: [
                  {
                     status: "affected",
                     version: "4.16",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unknown",
               packageName: "openshift3/ose-console",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by Thibault Guittet (Red Hat).",
            },
         ],
         datePublic: "2024-07-26T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the OpenShift console. Several endpoints in the application use the authHandler() and authHandlerWithUser() middleware functions. When the default authentication provider (\"openShiftAuth\") is set, these functions do not perform any authentication checks, relying instead on the targeted service to handle authentication and authorization. This issue leads to various degrees of data exposure due to a lack of proper credential verification.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-200",
                     description: "Exposure of Sensitive Information to an Unauthorized Actor",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-13T03:37:02.373Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-7128",
            },
            {
               name: "RHBZ#2300037",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2300037",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-07-26T10:51:18+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-07-26T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Openshift-console: unauthenticated data exposure",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-7128",
      datePublished: "2024-07-26T13:34:19.647Z",
      dateReserved: "2024-07-26T10:55:18.431Z",
      dateUpdated: "2025-03-13T03:37:02.373Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-0406
Vulnerability from cvelistv5
Published
2024-04-06 16:11
Modified
2025-03-11 05:46
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
Summary
A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafted tar file, which, when unpacked, may allow access to restricted files or directories. This issue can allow the creation or overwriting of files with the user's or application's privileges using the library.
References
https://access.redhat.com/errata/RHSA-2025:2449vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-0406vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2257749issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: v3.0.0   < *
Patch: v4.0.0
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202503051333.p0.g22b273d.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-0406",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-04-09T19:56:01.225454Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-05T17:22:38.198Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T18:04:49.645Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-0406",
               },
               {
                  name: "RHBZ#2257749",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257749",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/mholt/archiver",
               defaultStatus: "unaffected",
               packageName: "archiver",
               versions: [
                  {
                     lessThan: "*",
                     status: "affected",
                     version: "v3.0.0",
                     versionType: "custom",
                  },
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.18::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/oc-mirror-plugin-rhel9",
               product: "Red Hat OpenShift Container Platform 4.18",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.18.0-202503051333.p0.g22b273d.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:3",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-main-rhel8",
               product: "Red Hat Advanced Cluster Security 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:3",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-roxctl-rhel8",
               product: "Red Hat Advanced Cluster Security 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:3",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-rhel8",
               product: "Red Hat Advanced Cluster Security 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4",
               ],
               defaultStatus: "unaffected",
               packageName: "advanced-cluster-security/rhacs-main-rhel8",
               product: "Red Hat Advanced Cluster Security 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4",
               ],
               defaultStatus: "unaffected",
               packageName: "advanced-cluster-security/rhacs-roxctl-rhel8",
               product: "Red Hat Advanced Cluster Security 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4",
               ],
               defaultStatus: "unaffected",
               packageName: "advanced-cluster-security/rhacs-scanner-rhel8",
               product: "Red Hat Advanced Cluster Security 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by Stefan Cornelius (Red Hat).",
            },
         ],
         datePublic: "2024-01-31T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafted tar file, which, when unpacked, may allow access to restricted files or directories. This issue can allow the creation or overwriting of files with the user's or application's privileges using the library.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "NONE",
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-11T05:46:34.637Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2025:2449",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2449",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-0406",
            },
            {
               name: "RHBZ#2257749",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257749",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-01-10T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-01-31T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Mholt/archiver: path traversal vulnerability",
         x_redhatCweChain: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-0406",
      datePublished: "2024-04-06T16:11:02.643Z",
      dateReserved: "2024-01-10T18:18:28.288Z",
      dateUpdated: "2025-03-11T05:46:34.637Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-9675
Vulnerability from cvelistv5
Published
2024-10-09 14:32
Modified
2025-03-20 10:58
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.
References
https://access.redhat.com/errata/RHSA-2024:8563vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8675vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8679vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8686vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8690vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8700vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8703vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8707vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8708vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8709vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8846vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8984vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8994vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9051vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9454vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9459vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2445vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2449vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2454vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2701vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2710vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9675vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2317458issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020241023085649.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 8060020241028154646.3b538bd8   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 8060020241028154646.3b538bd8   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 8060020241028154646.3b538bd8   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 8080020241025064551.0f77c1b7   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.33.10-1.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:4.9.4-16.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:5.2.2-9.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.37.5-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 1:1.26.8-2.el9_0   < *
    cpe:/a:redhat:rhel_eus:9.0::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 2:4.2.0-5.el9_0.2   < *
    cpe:/a:redhat:rhel_eus:9.0::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 1:1.29.4-1.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 2:4.4.1-21.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 3:4.4.1-15.rhaos4.13.el8   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: v4.13.0-202503111300.p0.gb379980.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 3:4.4.1-21.rhaos4.14.el9   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202503060906.p0.gb03f3f5.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 3:4.4.1-32.rhaos4.15.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202503060734.p0.gbc0b789.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 4:4.9.4-14.rhaos4.16.el9   < *
    cpe:/a:redhat:openshift:4.16::el8
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 5:5.2.2-1.rhaos4.17.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
    cpe:/a:redhat:openshift:4.17::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202503041005.p0.gc3b0999.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202503040802.p0.g6a5ec2a.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
 Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
 Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-9675",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-09T16:16:25.550764Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-09T16:24:34.705Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/containers/buildah",
               defaultStatus: "unaffected",
               packageName: "buildah",
               versions: [
                  {
                     lessThan: "1.38.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8100020241023085649.afee755d",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_aus:8.6::appstream",
                  "cpe:/a:redhat:rhel_tus:8.6::appstream",
                  "cpe:/a:redhat:rhel_e4s:8.6::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8060020241028154646.3b538bd8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_aus:8.6::appstream",
                  "cpe:/a:redhat:rhel_tus:8.6::appstream",
                  "cpe:/a:redhat:rhel_e4s:8.6::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8060020241028154646.3b538bd8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_aus:8.6::appstream",
                  "cpe:/a:redhat:rhel_tus:8.6::appstream",
                  "cpe:/a:redhat:rhel_e4s:8.6::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8060020241028154646.3b538bd8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:8.8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8.8 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8080020241025064551.0f77c1b7",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.33.10-1.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:4.9.4-16.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:5.2.2-9.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.37.5-1.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.0::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9.0 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.26.8-2.el9_0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.0::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9.0 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:4.2.0-5.el9_0.2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.29.4-1.el9_2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:4.4.1-21.el9_2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-15.rhaos4.13.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.13.0-202503111300.p0.gb379980.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el9",
                  "cpe:/a:redhat:openshift:4.14::el8",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-21.rhaos4.14.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el9",
                  "cpe:/a:redhat:openshift:4.14::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202503060906.p0.gb03f3f5.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-32.rhaos4.15.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202503060734.p0.gbc0b789.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el8",
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:4.9.4-14.rhaos4.16.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
                  "cpe:/a:redhat:openshift:4.17::el8",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "5:5.2.2-1.rhaos4.17.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder-rhel9",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.17.0-202503041005.p0.gc3b0999.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.18::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder-rhel9",
               product: "Red Hat OpenShift Container Platform 4.18",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.18.0-202503040802.p0.g6a5ec2a.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ocp_tools",
               ],
               defaultStatus: "affected",
               packageName: "ocp-tools-4/jenkins-agent-base-rhel8",
               product: "OpenShift Developer Tools and Services",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ocp_tools",
               ],
               defaultStatus: "affected",
               packageName: "ocp-tools-4/jenkins-rhel8",
               product: "OpenShift Developer Tools and Services",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "skopeo",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "conmon",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "conmon",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:quay:3",
               ],
               defaultStatus: "affected",
               packageName: "quay/quay-builder-rhel8",
               product: "Red Hat Quay 3",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-10-09T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-20T10:58:31.644Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:8563",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8563",
            },
            {
               name: "RHSA-2024:8675",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8675",
            },
            {
               name: "RHSA-2024:8679",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8679",
            },
            {
               name: "RHSA-2024:8686",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8686",
            },
            {
               name: "RHSA-2024:8690",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8690",
            },
            {
               name: "RHSA-2024:8700",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8700",
            },
            {
               name: "RHSA-2024:8703",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8703",
            },
            {
               name: "RHSA-2024:8707",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8707",
            },
            {
               name: "RHSA-2024:8708",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8708",
            },
            {
               name: "RHSA-2024:8709",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8709",
            },
            {
               name: "RHSA-2024:8846",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8846",
            },
            {
               name: "RHSA-2024:8984",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8984",
            },
            {
               name: "RHSA-2024:8994",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8994",
            },
            {
               name: "RHSA-2024:9051",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9051",
            },
            {
               name: "RHSA-2024:9454",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9454",
            },
            {
               name: "RHSA-2024:9459",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9459",
            },
            {
               name: "RHSA-2025:2445",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2445",
            },
            {
               name: "RHSA-2025:2449",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2449",
            },
            {
               name: "RHSA-2025:2454",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2454",
            },
            {
               name: "RHSA-2025:2701",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2701",
            },
            {
               name: "RHSA-2025:2710",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2710",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-9675",
            },
            {
               name: "RHBZ#2317458",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2317458",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-10-09T02:45:06.343000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-10-09T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Buildah: buildah allows arbitrary directory mount",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-9675",
      datePublished: "2024-10-09T14:32:11.922Z",
      dateReserved: "2024-10-09T02:47:50.357Z",
      dateUpdated: "2025-03-20T10:58:31.644Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-3153
Vulnerability from cvelistv5
Published
2023-10-04 11:13
Modified
2024-09-19 14:25
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured.
References
https://access.redhat.com/security/cve/CVE-2023-3153vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2213279issue-tracking, x_refsource_REDHAT
https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd
https://github.com/ovn-org/ovn/issues/198
https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html
https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html
Impacted products
Vendor Product Version
n/a ovn
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 13 (Queens)     cpe:/a:redhat:openstack:13
 Create a notification for this product.
   Fedora Fedora Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T06:48:07.672Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2023-3153",
               },
               {
                  name: "RHBZ#2213279",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213279",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/ovn-org/ovn/issues/198",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-3153",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-19T14:24:33.931307Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-19T14:25:08.613Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "ovn",
               vendor: "n/a",
               versions: [
                  {
                     status: "unaffected",
                     version: "22.12.1",
                  },
                  {
                     status: "unaffected",
                     version: "22.03.3",
                  },
                  {
                     status: "unaffected",
                     version: "23.06.1",
                  },
                  {
                     status: "unaffected",
                     version: "23.03.1",
                  },
                  {
                     status: "unaffected",
                     version: "22.09.2",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn2.11",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn2.12",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn2.13",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn-2021",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn2.11",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn2.12",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn2.13",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.03",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.06",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.09",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.12",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn-2021",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.03",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.06",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.09",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.12",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "ovn-2021",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "ovn21.09",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "ovn21.12",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.03",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.06",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.09",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.12",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "ovn23.03",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:13",
               ],
               defaultStatus: "unknown",
               packageName: "ovn2.11",
               product: "Red Hat OpenStack Platform 13 (Queens)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://packages.fedoraproject.org/",
               defaultStatus: "affected",
               packageName: "ovn",
               product: "Fedora",
               vendor: "Fedora",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by Ales Musil (Red Hat).",
            },
         ],
         datePublic: "2023-06-07T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "Uncontrolled Resource Consumption",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-10-04T11:13:40.083Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2023-3153",
            },
            {
               name: "RHBZ#2213279",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213279",
            },
            {
               url: "https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd",
            },
            {
               url: "https://github.com/ovn-org/ovn/issues/198",
            },
            {
               url: "https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html",
            },
            {
               url: "https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2023-06-07T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2023-06-07T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Service monitor mac flow is not rate limited",
         x_redhatCweChain: "CWE-400: Uncontrolled Resource Consumption",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2023-3153",
      datePublished: "2023-10-04T11:13:40.083Z",
      dateReserved: "2023-06-07T18:04:42.140Z",
      dateUpdated: "2024-09-19T14:25:08.613Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-11218
Vulnerability from cvelistv5
Published
2025-01-22 04:55
Modified
2025-03-20 07:16
Severity ?
8.6 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Summary
A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.
References
https://access.redhat.com/errata/RHSA-2025:0830vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0878vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0922vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0923vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1186vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1187vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1188vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1189vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1207vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1275vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1295vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1296vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1372vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1453vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1707vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1713vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1908vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1910vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1914vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2441vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2443vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2454vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2456vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2701vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2703vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2710vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2712vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-11218vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2326231issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 1.35.0   
Version: 1.37.0   
Version: 1.38.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020250124120243.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 8060020250203202123.3b538bd8   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 8060020250203202123.3b538bd8   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 8060020250203202123.3b538bd8   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 8080020250207173112.0f77c1b7   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:5.2.2-13.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.37.6-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 2:4.2.0-6.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 1:1.26.9-1.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 1:1.29.5-1.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 2:4.4.1-22.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 2:1.33.12-2.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 4:4.9.4-17.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 412.86.202503052321-0   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 3:4.2.0-13.rhaos4.12.el9   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 1:1.29.5-1.rhaos4.13.el8   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 3:4.4.1-16.rhaos4.13.el8   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 413.92.202503112237-0   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 3:4.4.1-22.rhaos4.14.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 1:1.29.5-1.rhaos4.14.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202503100617-0   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 3:4.4.1-33.rhaos4.15.el9   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 1:1.29.5-1.rhaos4.15.el8   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202503060749-0   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 4:4.9.4-15.rhaos4.16.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
    cpe:/a:redhat:openshift_ironic:4.16::el9
    cpe:/a:redhat:openshift:4.16::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 2:1.33.12-1.rhaos4.16.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
    cpe:/a:redhat:openshift:4.16::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202502180249-0   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 5:5.2.2-2.rhaos4.17.el8   < *
    cpe:/a:redhat:openshift:4.17::el8
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 2:1.33.12-1.rhaos4.17.el8   < *
    cpe:/a:redhat:openshift:4.17::el8
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: 2:1.33.12-1.rhaos4.18.el9   < *
    cpe:/a:redhat:openshift:4.18::el8
    cpe:/a:redhat:openshift:4.18::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-11218",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-01-22T14:11:18.056703Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-12T17:08:25.061Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/containers/buildah",
               defaultStatus: "unaffected",
               packageName: "buildah",
               versions: [
                  {
                     lessThan: "1.33.12",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.35.5",
                     status: "affected",
                     version: "1.35.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.37.6",
                     status: "affected",
                     version: "1.37.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.38.1",
                     status: "affected",
                     version: "1.38.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8100020250124120243.afee755d",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_e4s:8.6::appstream",
                  "cpe:/a:redhat:rhel_tus:8.6::appstream",
                  "cpe:/a:redhat:rhel_aus:8.6::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8060020250203202123.3b538bd8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_e4s:8.6::appstream",
                  "cpe:/a:redhat:rhel_tus:8.6::appstream",
                  "cpe:/a:redhat:rhel_aus:8.6::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8060020250203202123.3b538bd8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_e4s:8.6::appstream",
                  "cpe:/a:redhat:rhel_tus:8.6::appstream",
                  "cpe:/a:redhat:rhel_aus:8.6::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8060020250203202123.3b538bd8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:8.8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8.8 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8080020250207173112.0f77c1b7",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:5.2.2-13.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.37.6-1.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_e4s:9.0::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:4.2.0-6.el9_0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_e4s:9.0::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.26.9-1.el9_0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.29.5-1.el9_2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:4.4.1-22.el9_2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9.4 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.33.12-2.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9.4 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:4.9.4-17.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "412.86.202503052321-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.2.0-13.rhaos4.12.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.29.5-1.rhaos4.13.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-16.rhaos4.13.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "413.92.202503112237-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-22.rhaos4.14.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.29.5-1.rhaos4.14.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "414.92.202503100617-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-33.rhaos4.15.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.29.5-1.rhaos4.15.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "415.92.202503060749-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
                  "cpe:/a:redhat:openshift_ironic:4.16::el9",
                  "cpe:/a:redhat:openshift:4.16::el8",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:4.9.4-15.rhaos4.16.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
                  "cpe:/a:redhat:openshift:4.16::el8",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.33.12-1.rhaos4.16.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "416.94.202502180249-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el8",
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "5:5.2.2-2.rhaos4.17.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el8",
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.33.12-1.rhaos4.17.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.18::el8",
                  "cpe:/a:redhat:openshift:4.18::el9",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4.18",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.33.12-1.rhaos4.18.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-01-20T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-269",
                     description: "Improper Privilege Management",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-20T07:16:39.420Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2025:0830",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0830",
            },
            {
               name: "RHSA-2025:0878",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0878",
            },
            {
               name: "RHSA-2025:0922",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0922",
            },
            {
               name: "RHSA-2025:0923",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0923",
            },
            {
               name: "RHSA-2025:1186",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1186",
            },
            {
               name: "RHSA-2025:1187",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1187",
            },
            {
               name: "RHSA-2025:1188",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1188",
            },
            {
               name: "RHSA-2025:1189",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1189",
            },
            {
               name: "RHSA-2025:1207",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1207",
            },
            {
               name: "RHSA-2025:1275",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1275",
            },
            {
               name: "RHSA-2025:1295",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1295",
            },
            {
               name: "RHSA-2025:1296",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1296",
            },
            {
               name: "RHSA-2025:1372",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1372",
            },
            {
               name: "RHSA-2025:1453",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1453",
            },
            {
               name: "RHSA-2025:1707",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1707",
            },
            {
               name: "RHSA-2025:1713",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1713",
            },
            {
               name: "RHSA-2025:1908",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1908",
            },
            {
               name: "RHSA-2025:1910",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1910",
            },
            {
               name: "RHSA-2025:1914",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1914",
            },
            {
               name: "RHSA-2025:2441",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2441",
            },
            {
               name: "RHSA-2025:2443",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2443",
            },
            {
               name: "RHSA-2025:2454",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2454",
            },
            {
               name: "RHSA-2025:2456",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2456",
            },
            {
               name: "RHSA-2025:2701",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2701",
            },
            {
               name: "RHSA-2025:2703",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2703",
            },
            {
               name: "RHSA-2025:2710",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2710",
            },
            {
               name: "RHSA-2025:2712",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2712",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-11218",
            },
            {
               name: "RHBZ#2326231",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2326231",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-11-14T13:05:29.849000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-01-20T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile",
         workarounds: [
            {
               lang: "en",
               value: "Mandatory access controls should limit the access of the process performing the build, on systems where they are enabled.\n\nSELinux enforces strict access controls by confining the build process (e.g., Podman) to specific domains like container_t. This prevents unauthorized access to sensitive host files and directories, even if a malicious Containerfile tries to exploit the --mount flag.",
            },
         ],
         x_redhatCweChain: "CWE-269: Improper Privilege Management",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-11218",
      datePublished: "2025-01-22T04:55:30.649Z",
      dateReserved: "2024-11-14T13:11:49.476Z",
      dateUpdated: "2025-03-20T07:16:39.420Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-45782
Vulnerability from cvelistv5
Published
2025-03-03 17:05
Modified
2025-03-25 04:58
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer, impacting grub's sensitive data integrity and eventually leading to a secure boot protection bypass.
References
https://access.redhat.com/security/cve/CVE-2024-45782vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345858issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.12
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-45782",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-04T16:16:37.826730Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-04T16:16:50.200Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.gnu.org/software/grub/",
               defaultStatus: "unaffected",
               packageName: "grub2",
               versions: [
                  {
                     lessThanOrEqual: "2.12",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer, impacting grub's sensitive data integrity and eventually leading to a secure boot protection bypass.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-25T04:58:13.528Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-45782",
            },
            {
               name: "RHBZ#2345858",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345858",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-14T21:43:49.029000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: fs/hfs: strcpy() using the volume name (fs/hfs.c:382)",
         x_redhatCweChain: "CWE-787: Out-of-bounds Write",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-45782",
      datePublished: "2025-03-03T17:05:25.397Z",
      dateReserved: "2024-09-08T01:57:12.948Z",
      dateUpdated: "2025-03-25T04:58:13.528Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-5037
Vulnerability from cvelistv5
Published
2024-06-05 18:03
Modified
2025-02-06 08:30
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT) authentication.
References
https://access.redhat.com/errata/RHSA-2024:4151vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4156vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4329vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4484vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5200vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-5037vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2272339issue-tracking, x_refsource_REDHAT
https://github.com/kubernetes/kubernetes/pull/123540
https://github.com/openshift/telemeter/blob/a9417a6062c3a31ed78c06ea3a0613a52f2029b2/pkg/authorize/jwt/client_authorizer.go#L78
Impacted products
Vendor Product Version
Version: 4.16   
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: v4.12.0-202408071159.p0.gc9592de.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: v4.13.0-202407081338.p0.g0634a6d.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202407021509.p0.g1f72681.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202406200537.p0.g14489f7.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202406200537.p0.gc1ecd10.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Logging Subsystem for Red Hat OpenShift     cpe:/a:redhat:logging:5
 Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 2     cpe:/a:redhat:openshift_distributed_tracing:2
 Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-5037",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-13T20:15:59.404791Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-13T20:16:05.375Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T21:03:10.506Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:4151",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4151",
               },
               {
                  name: "RHSA-2024:4156",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4156",
               },
               {
                  name: "RHSA-2024:4329",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4329",
               },
               {
                  name: "RHSA-2024:4484",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4484",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-5037",
               },
               {
                  name: "RHBZ#2272339",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272339",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/kubernetes/kubernetes/pull/123540",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/openshift/telemeter/blob/a9417a6062c3a31ed78c06ea3a0613a52f2029b2/pkg/authorize/jwt/client_authorizer.go#L78",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift/telemeter",
               defaultStatus: "unaffected",
               packageName: "telemeter",
               versions: [
                  {
                     lessThan: "4.17",
                     status: "affected",
                     version: "4.16",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-telemeter",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.12.0-202408071159.p0.gc9592de.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-telemeter",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.13.0-202407081338.p0.g0634a6d.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el9",
                  "cpe:/a:redhat:openshift:4.14::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-telemeter",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202407021509.p0.g1f72681.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-telemeter-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202406200537.p0.g14489f7.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-telemeter-rhel9",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-202406200537.p0.gc1ecd10.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:logging:5",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-logging/opa-openshift-rhel8",
               product: "Logging Subsystem for Red Hat OpenShift",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_distributed_tracing:2",
               ],
               defaultStatus: "affected",
               packageName: "rhosdt/tempo-gateway-opa-rhel8",
               product: "Red Hat OpenShift distributed tracing 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_distributed_tracing:3",
               ],
               defaultStatus: "affected",
               packageName: "rhosdt/tempo-gateway-opa-rhel8",
               product: "Red Hat OpenShift distributed tracing 3",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-06-05T17:51:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue (\"iss\") check during JSON web token (JWT) authentication.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-290",
                     description: "Authentication Bypass by Spoofing",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-02-06T08:30:19.750Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:4151",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4151",
            },
            {
               name: "RHSA-2024:4156",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4156",
            },
            {
               name: "RHSA-2024:4329",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4329",
            },
            {
               name: "RHSA-2024:4484",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4484",
            },
            {
               name: "RHSA-2024:5200",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:5200",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-5037",
            },
            {
               name: "RHBZ#2272339",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272339",
            },
            {
               url: "https://github.com/kubernetes/kubernetes/pull/123540",
            },
            {
               url: "https://github.com/openshift/telemeter/blob/a9417a6062c3a31ed78c06ea3a0613a52f2029b2/pkg/authorize/jwt/client_authorizer.go#L78",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-03-30T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-06-05T17:51:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Openshift/telemeter: iss check during jwt authentication can be bypassed",
         x_redhatCweChain: "CWE-290: Authentication Bypass by Spoofing",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-5037",
      datePublished: "2024-06-05T18:03:23.194Z",
      dateReserved: "2024-05-16T22:03:32.375Z",
      dateUpdated: "2025-02-06T08:30:19.750Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-1260
Vulnerability from cvelistv5
Published
2023-09-24 00:07
Modified
2024-08-02 05:40
Severity ?
8.0 (High) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch one that they already have access to. This might allow evasion of SCC admission restrictions, thereby gaining control of a privileged pod.
References
https://access.redhat.com/errata/RHSA-2023:3976vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:4093vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:4312vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:4898vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:5008vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-1260vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2176267issue-tracking, x_refsource_REDHAT
https://github.com/advisories/GHSA-92hx-3mh6-hc49
https://security.netapp.com/advisory/ntap-20231020-0010/
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.10 Unaffected: 0:4.10.0-202308291228.p0.g26fdcdf.assembly.stream.el7   < *
    cpe:/a:redhat:openshift:4.10::el8
    cpe:/a:redhat:openshift:4.10::el7
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.11 Unaffected: 0:4.11.0-202307200925.p0.ga9da4a8.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.11::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 0:4.12.0-202307040929.p0.g1485cc9.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 0:4.13.0-202307132344.p0.gf245ced.assembly.stream.el8   < *
    cpe:/a:redhat:openshift_ironic:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9   < *
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T05:40:59.774Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2023:3976",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2023:3976",
               },
               {
                  name: "RHSA-2023:4093",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2023:4093",
               },
               {
                  name: "RHSA-2023:4312",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2023:4312",
               },
               {
                  name: "RHSA-2023:4898",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2023:4898",
               },
               {
                  name: "RHSA-2023:5008",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2023:5008",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2023-1260",
               },
               {
                  name: "RHBZ#2176267",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2176267",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/advisories/GHSA-92hx-3mh6-hc49",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20231020-0010/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift/apiserver-library-go",
               packageName: "github.com/openshift/apiserver-library-go",
               repo: "https://github.com/openshift/apiserver-library-go",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "a994128188486d2dce99a528fbcc017d276081e0",
                     versionType: "git",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.10::el8",
                  "cpe:/a:redhat:openshift:4.10::el7",
               ],
               defaultStatus: "affected",
               packageName: "openshift",
               product: "Red Hat OpenShift Container Platform 4.10",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.10.0-202308291228.p0.g26fdcdf.assembly.stream.el7",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.11::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift",
               product: "Red Hat OpenShift Container Platform 4.11",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.11.0-202307200925.p0.ga9da4a8.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.12.0-202307040929.p0.g1485cc9.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ironic:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.13.0-202307132344.p0.gf245ced.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "microshift",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift4/ose-openshift-apiserver-rhel7",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift4/ose-pod",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift4/ose-tests",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by Xingxing Xia (Red Hat).",
            },
         ],
         datePublic: "2023-04-04T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions \"update, patch\" the \"pods/ephemeralcontainers\" subresource beyond what the default is. They would then need to create a new pod or patch one that they already have access to. This might allow evasion of SCC admission restrictions, thereby gaining control of a privileged pod.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-288",
                     description: "Authentication Bypass Using an Alternate Path or Channel",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-07-15T00:27:54.327174Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2023:3976",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2023:3976",
            },
            {
               name: "RHSA-2023:4093",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2023:4093",
            },
            {
               name: "RHSA-2023:4312",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2023:4312",
            },
            {
               name: "RHSA-2023:4898",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2023:4898",
            },
            {
               name: "RHSA-2023:5008",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2023:5008",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2023-1260",
            },
            {
               name: "RHBZ#2176267",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2176267",
            },
            {
               url: "https://github.com/advisories/GHSA-92hx-3mh6-hc49",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20231020-0010/",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2023-03-07T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2023-04-04T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Kube-apiserver: privesc",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
            },
         ],
         x_redhatCweChain: "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2023-1260",
      datePublished: "2023-09-24T00:07:08.130Z",
      dateReserved: "2023-03-07T20:12:18.360Z",
      dateUpdated: "2024-08-02T05:40:59.774Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-12243
Vulnerability from cvelistv5
Published
2025-02-10 15:28
Modified
2025-03-12 03:54
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.
References
https://access.redhat.com/security/cve/CVE-2024-12243vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2344615issue-tracking, x_refsource_REDHAT
https://gitlab.com/gnutls/libtasn1/-/issues/52
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-12243",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-10T16:25:20.087658Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-10T16:25:30.798Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2025-02-21T22:02:34.513Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "https://lists.debian.org/debian-lts-announce/2025/02/msg00027.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unknown",
               packageName: "gnutls",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "gnutls",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unknown",
               packageName: "gnutls",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "gnutls",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Bing Shi for reporting this issue.",
            },
         ],
         datePublic: "2025-02-10T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-407",
                     description: "Inefficient Algorithmic Complexity",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-12T03:54:12.741Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-12243",
            },
            {
               name: "RHBZ#2344615",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344615",
            },
            {
               url: "https://gitlab.com/gnutls/libtasn1/-/issues/52",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-10T08:33:56.422000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-10T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos",
         x_redhatCweChain: "CWE-407: Inefficient Algorithmic Complexity",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-12243",
      datePublished: "2025-02-10T15:28:10.328Z",
      dateReserved: "2024-12-05T14:26:25.188Z",
      dateUpdated: "2025-03-12T03:54:12.741Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-12133
Vulnerability from cvelistv5
Published
2025-02-10 15:28
Modified
2025-03-11 19:32
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.
References
https://access.redhat.com/security/cve/CVE-2024-12133vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2344611issue-tracking, x_refsource_REDHAT
https://gitlab.com/gnutls/libtasn1/-/issues/52
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2025-02-21T13:06:53.278Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "http://www.openwall.com/lists/oss-security/2025/02/06/6",
               },
               {
                  url: "https://lists.debian.org/debian-lts-announce/2025/02/msg00025.html",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-12133",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-10T16:25:41.090444Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-10T16:26:20.251Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unknown",
               packageName: "libtasn1",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "libtasn1",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unknown",
               packageName: "libtasn1",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "libtasn1",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Bing Shi for reporting this issue.",
            },
         ],
         datePublic: "2025-02-10T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-407",
                     description: "Inefficient Algorithmic Complexity",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-11T19:32:18.064Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-12133",
            },
            {
               name: "RHBZ#2344611",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344611",
            },
            {
               url: "https://gitlab.com/gnutls/libtasn1/-/issues/52",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-10T08:14:05.460000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-10T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos",
         x_redhatCweChain: "CWE-407: Inefficient Algorithmic Complexity",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-12133",
      datePublished: "2025-02-10T15:28:03.193Z",
      dateReserved: "2024-12-04T03:13:48.478Z",
      dateUpdated: "2025-03-11T19:32:18.064Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-0690
Vulnerability from cvelistv5
Published
2025-02-24 07:53
Modified
2025-03-15 00:22
Severity ?
6.1 (Medium) - CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Summary
The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to overflow leading to a out-of-bounds write in the heap based buffer. This flaw may be leveraged to corrupt grub's internal critical data and secure boot bypass is not discarded as consequence.
References
https://access.redhat.com/security/cve/CVE-2025-0690vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2346123issue-tracking, x_refsource_REDHAT
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-0690",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-24T11:17:51.239076Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-12T16:34:20.527Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to overflow leading to a out-of-bounds write in the heap based buffer. This flaw may be leveraged to corrupt grub's internal critical data and secure boot bypass is not discarded as consequence.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "PHYSICAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T00:22:20.717Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-0690",
            },
            {
               name: "RHBZ#2346123",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346123",
            },
            {
               url: "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-17T15:37:14.300000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: read: integer overflow may lead to out-of-bounds write",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-190->CWE-787: Integer Overflow or Wraparound leads to Out-of-bounds Write",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-0690",
      datePublished: "2025-02-24T07:53:30.081Z",
      dateReserved: "2025-01-23T20:01:36.565Z",
      dateUpdated: "2025-03-15T00:22:20.717Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-45778
Vulnerability from cvelistv5
Published
2025-03-03 17:05
Modified
2025-03-04 16:17
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.
References
https://access.redhat.com/security/cve/CVE-2024-45778vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345640issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.12
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-45778",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-04T16:17:31.692255Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-04T16:17:40.084Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.gnu.org/software/grub/",
               defaultStatus: "unaffected",
               packageName: "grub2",
               versions: [
                  {
                     lessThanOrEqual: "2.12",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 4.1,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-190",
                     description: "Integer Overflow or Wraparound",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-03T17:23:56.731Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-45778",
            },
            {
               name: "RHBZ#2345640",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345640",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-13T22:31:09.886000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: fs/bfs: integer overflow in the bfs parser.",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-190: Integer Overflow or Wraparound",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-45778",
      datePublished: "2025-03-03T17:05:13.058Z",
      dateReserved: "2024-09-08T01:57:12.948Z",
      dateUpdated: "2025-03-04T16:17:40.084Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-12086
Vulnerability from cvelistv5
Published
2025-01-14 17:37
Modified
2025-03-15 00:13
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
Summary
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.
References
https://access.redhat.com/security/cve/CVE-2024-12086vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2330577issue-tracking, x_refsource_REDHAT
https://kb.cert.org/vuls/id/952657
Impacted products
Vendor Product Version
Version: 0    3.3.0
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-12086",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-26T14:14:25.165183Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-26T14:20:53.620Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            references: [
               {
                  tags: [
                     "exploit",
                  ],
                  url: "https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj",
               },
            ],
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/RsyncProject/rsync",
               defaultStatus: "unaffected",
               packageName: "rsync",
               versions: [
                  {
                     lessThanOrEqual: "3.3.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unknown",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Jasiel Spelman (Google), Pedro Gallegos (Google), and Simon Scannell (Google) for reporting this issue.",
            },
         ],
         datePublic: "2025-01-14T15:06:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-390",
                     description: "Detection of Error Condition Without Action",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T00:13:07.411Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-12086",
            },
            {
               name: "RHBZ#2330577",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2330577",
            },
            {
               url: "https://kb.cert.org/vuls/id/952657",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-12-05T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-01-14T15:06:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Rsync: rsync server leaks arbitrary client files",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-390: Detection of Error Condition Without Action",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-12086",
      datePublished: "2025-01-14T17:37:54.960Z",
      dateReserved: "2024-12-03T08:57:58.397Z",
      dateUpdated: "2025-03-15T00:13:07.411Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-8176
Vulnerability from cvelistv5
Published
2025-03-14 08:19
Modified
2025-03-28 15:03
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.
References
https://access.redhat.com/security/cve/CVE-2024-8176vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2310137issue-tracking, x_refsource_REDHAT
https://github.com/libexpat/libexpat/issues/893
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat JBoss Core Services     cpe:/a:redhat:jboss_core_services:1
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-8176",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-14T13:13:22.690073Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-14T13:14:00.908Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2025-03-28T15:03:08.107Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "http://www.openwall.com/lists/oss-security/2025/03/15/1",
               },
               {
                  url: "https://blog.hartwork.org/posts/expat-2-7-0-released/",
               },
               {
                  url: "https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52",
               },
               {
                  url: "https://bugzilla.suse.com/show_bug.cgi?id=1239618",
               },
               {
                  url: "https://ubuntu.com/security/CVE-2024-8176",
               },
               {
                  url: "https://security-tracker.debian.org/tracker/CVE-2024-8176",
               },
               {
                  url: "https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53",
               },
               {
                  url: "https://security.netapp.com/advisory/ntap-20250328-0009/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unknown",
               packageName: "compat-expat1",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unknown",
               packageName: "expat",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "expat",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "firefox",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "thunderbird",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "expat",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "firefox",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "lua-expat",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "mingw-expat",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "thunderbird",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "xmlrpc-c",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "expat",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "firefox",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "firefox:flatpak/firefox",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "thunderbird",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "thunderbird:flatpak/thunderbird",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
               cpes: [
                  "cpe:/a:redhat:jboss_core_services:1",
               ],
               defaultStatus: "affected",
               packageName: "expat",
               product: "Red Hat JBoss Core Services",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by Jann Horn (Google Project Zero), Sandipan Roy (Red Hat), Sebastian Pipping (libexpat), and Tomas Korbar (Red Hat).",
            },
         ],
         datePublic: "2025-03-13T13:51:54.957Z",
         descriptions: [
            {
               lang: "en",
               value: "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-674",
                     description: "Uncontrolled Recursion",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-14T18:55:02.523Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-8176",
            },
            {
               name: "RHBZ#2310137",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310137",
            },
            {
               url: "https://github.com/libexpat/libexpat/issues/893",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-06-12T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-03-13T13:51:54.957000+00:00",
               value: "Made public.",
            },
         ],
         title: "Libexpat: expat: improper restriction of xml entity expansion depth in libexpat",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-674: Uncontrolled Recursion",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-8176",
      datePublished: "2025-03-14T08:19:48.962Z",
      dateReserved: "2024-08-26T12:36:40.985Z",
      dateUpdated: "2025-03-28T15:03:08.107Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-7409
Vulnerability from cvelistv5
Published
2024-08-05 13:19
Modified
2024-12-12 03:50
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.
References
https://access.redhat.com/errata/RHSA-2024:10518vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10528vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10813vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6811vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6818vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6964vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7408vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8991vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9136vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9620vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9912vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2302487issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240905091210.489197e6   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240905091210.489197e6   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 17:9.0.0-10.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 17:7.2.0-14.el9_2.14   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 17:8.2.0-11.el9_4.8   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 413.92.202411212100-0   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 413.92.202409180051-0   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202411130444-0   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202409162258-0   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202411050056-0   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202411261619-0   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202411261220-0   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Advanced Virtualization     cpe:/a:redhat:advanced_virtualization:8::el8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Advanced Virtualization     cpe:/a:redhat:advanced_virtualization:8::el8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Advanced Virtualization     cpe:/a:redhat:advanced_virtualization:8::el8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Advanced Virtualization     cpe:/a:redhat:advanced_virtualization:8::el8
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-7409",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-06T20:16:55.295801Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-06T20:17:14.655Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
                  "cpe:/a:redhat:enterprise_linux:8::crb",
               ],
               defaultStatus: "affected",
               packageName: "virt-devel:rhel",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8100020240905091210.489197e6",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
                  "cpe:/a:redhat:enterprise_linux:8::crb",
               ],
               defaultStatus: "affected",
               packageName: "virt:rhel",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8100020240905091210.489197e6",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "qemu-kvm",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "17:9.0.0-10.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
               ],
               defaultStatus: "affected",
               packageName: "qemu-kvm",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "17:7.2.0-14.el9_2.14",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream",
               ],
               defaultStatus: "affected",
               packageName: "qemu-kvm",
               product: "Red Hat Enterprise Linux 9.4 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "17:8.2.0-11.el9_4.8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "413.92.202411212100-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "413.92.202409180051-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "414.92.202411130444-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "415.92.202409162258-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "415.92.202411050056-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "416.94.202411261619-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "417.94.202411261220-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unknown",
               packageName: "qemu-kvm",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "qemu-kvm",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "qemu-kvm-ma",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_virtualization:8::el8",
               ],
               defaultStatus: "affected",
               packageName: "virt:8.2/qemu-kvm",
               product: "Red Hat Enterprise Linux 8 Advanced Virtualization",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_virtualization:8::el8",
               ],
               defaultStatus: "affected",
               packageName: "virt:av/qemu-kvm",
               product: "Red Hat Enterprise Linux 8 Advanced Virtualization",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_virtualization:8::el8",
               ],
               defaultStatus: "affected",
               packageName: "virt-devel:8.2/qemu-kvm",
               product: "Red Hat Enterprise Linux 8 Advanced Virtualization",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_virtualization:8::el8",
               ],
               defaultStatus: "affected",
               packageName: "virt-devel:av/qemu-kvm",
               product: "Red Hat Enterprise Linux 8 Advanced Virtualization",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-08-02T11:05:09+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-662",
                     description: "Improper Synchronization",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-12-12T03:50:24.208Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:10518",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10518",
            },
            {
               name: "RHSA-2024:10528",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10528",
            },
            {
               name: "RHSA-2024:10813",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10813",
            },
            {
               name: "RHSA-2024:6811",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6811",
            },
            {
               name: "RHSA-2024:6818",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6818",
            },
            {
               name: "RHSA-2024:6964",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6964",
            },
            {
               name: "RHSA-2024:7408",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:7408",
            },
            {
               name: "RHSA-2024:8991",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8991",
            },
            {
               name: "RHSA-2024:9136",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9136",
            },
            {
               name: "RHSA-2024:9620",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9620",
            },
            {
               name: "RHSA-2024:9912",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9912",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-7409",
            },
            {
               name: "RHBZ#2302487",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302487",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-08-02T10:54:41+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-08-02T11:05:09+00:00",
               value: "Made public.",
            },
         ],
         title: "Qemu: denial of service via improper synchronization in qemu nbd server during socket closure",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-662: Improper Synchronization",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-7409",
      datePublished: "2024-08-05T13:19:27.498Z",
      dateReserved: "2024-08-02T12:25:13.211Z",
      dateUpdated: "2024-12-12T03:50:24.208Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-4369
Vulnerability from cvelistv5
Published
2024-04-30 23:49
Modified
2024-12-06 14:52
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Summary
An information disclosure flaw was found in OpenShift's internal image registry operator. The AZURE_CLIENT_SECRET can be exposed through an environment variable defined in the pod definition, but is limited to Azure environments. An attacker controlling an account that has high enough permissions to obtain pod information from the openshift-image-registry namespace could use this obtained client secret to perform actions as the registry operator's Azure service account.
References
https://access.redhat.com/errata/RHSA-2024:3881vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3889vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4369vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2278035issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202406112008.p0.g36b3cca.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202406060836.p0.gf577b35.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-4369",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-03T16:58:46.811103Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-03T18:23:20.777Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T20:40:47.021Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:3881",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:3881",
               },
               {
                  name: "RHSA-2024:3889",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:3889",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-4369",
               },
               {
                  name: "RHBZ#2278035",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278035",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift/cluster-image-registry-operator",
               defaultStatus: "unaffected",
               packageName: "cluster-image-registry-operator",
               versions: [
                  {
                     lessThan: "ocp-4.14.30",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el9",
                  "cpe:/a:redhat:openshift:4.14::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-image-registry-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202406112008.p0.g36b3cca.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-image-registry-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202406060836.p0.gf577b35.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
         ],
         datePublic: "2024-04-30T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "An information disclosure flaw was found in OpenShift's internal image registry operator. The AZURE_CLIENT_SECRET can be exposed through an environment variable defined in the pod definition, but is limited to Azure environments. An attacker controlling an account that has high enough permissions to obtain pod information from the openshift-image-registry namespace could use this obtained client secret to perform actions as the registry operator's Azure service account.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-526",
                     description: "Cleartext Storage of Sensitive Information in an Environment Variable",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-12-06T14:52:14.083Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:3881",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3881",
            },
            {
               name: "RHSA-2024:3889",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3889",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-4369",
            },
            {
               name: "RHBZ#2278035",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278035",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-04-30T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-04-30T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Cluster-image-registry-operator: exposes a secret via env variable in pod definition on azure",
         x_redhatCweChain: "CWE-526: Cleartext Storage of Sensitive Information in an Environment Variable",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-4369",
      datePublished: "2024-04-30T23:49:02.382Z",
      dateReserved: "2024-04-30T19:17:21.633Z",
      dateUpdated: "2024-12-06T14:52:14.083Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-50312
Vulnerability from cvelistv5
Published
2024-10-22 13:24
Modified
2025-01-21 00:46
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery of flaws or errors specific to the application's GraphQL implementation.
References
https://access.redhat.com/errata/RHSA-2025:0115vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0140vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-50312vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2319378issue-tracking, x_refsource_REDHAT
https://github.com/openshift/console/pull/14409/files
Impacted products
Vendor Product Version
Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202501080105.p0.g6fe3e8b.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202501080135.p0.gedbd12e.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "NONE",
                     baseScore: 5.3,
                     baseSeverity: "MEDIUM",
                     confidentialityImpact: "LOW",
                     integrityImpact: "NONE",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-50312",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-22T17:39:55.373026Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-22T17:40:03.124Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console-rhel9",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-202501080105.p0.g6fe3e8b.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console-rhel9",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.17.0-202501080135.p0.gedbd12e.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Maksymilian Kubiak (AFINE), Paweł Zdunek (AFINE), and Sławomir Zakrzewski (AFINE) for reporting this issue.",
            },
         ],
         datePublic: "2024-10-17T13:17:02.150000+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery of flaws or errors specific to the application's GraphQL implementation.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-200",
                     description: "Exposure of Sensitive Information to an Unauthorized Actor",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-01-21T00:46:47.060Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2025:0115",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0115",
            },
            {
               name: "RHSA-2025:0140",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0140",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-50312",
            },
            {
               name: "RHBZ#2319378",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2319378",
            },
            {
               url: "https://github.com/openshift/console/pull/14409/files",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-10-17T12:33:51.606000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-10-17T13:17:02.150000+00:00",
               value: "Made public.",
            },
         ],
         title: "Graphql: information disclosure via graphql introspection in openshift",
         workarounds: [
            {
               lang: "en",
               value: "GraphQL Introspection should be disabled. Users should not have the ability to view all available queries, mutations, and data types.",
            },
         ],
         x_redhatCweChain: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-50312",
      datePublished: "2024-10-22T13:24:12.165Z",
      dateReserved: "2024-10-22T07:15:25.163Z",
      dateUpdated: "2025-01-21T00:46:47.060Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-12747
Vulnerability from cvelistv5
Published
2025-01-14 17:39
Modified
2025-03-15 00:15
Severity ?
5.6 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary
A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.
References
https://access.redhat.com/errata/RHSA-2025:2600vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-12747vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2332968issue-tracking, x_refsource_REDHAT
https://kb.cert.org/vuls/id/952657
Impacted products
Vendor Product Version
Version: 0    3.3.0
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.1.3-21.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-12747",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-01-14T18:38:10.199669Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-01-14T18:38:36.602Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/RsyncProject/rsync",
               defaultStatus: "unaffected",
               packageName: "rsync",
               versions: [
                  {
                     lessThanOrEqual: "3.3.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::baseos",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.1.3-21.el8_10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unknown",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Aleksei Gorban \"loqpa\" for reporting this issue.",
            },
         ],
         datePublic: "2025-01-14T15:06:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "NONE",
                  baseScore: 5.6,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-362",
                     description: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T00:15:23.593Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2025:2600",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2600",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-12747",
            },
            {
               name: "RHBZ#2332968",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2332968",
            },
            {
               url: "https://kb.cert.org/vuls/id/952657",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-12-18T07:12:52.493000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-01-14T15:06:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Rsync: race condition in rsync handling symbolic links",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-12747",
      datePublished: "2025-01-14T17:39:16.031Z",
      dateReserved: "2024-12-18T06:49:21.481Z",
      dateUpdated: "2025-03-15T00:15:23.593Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-1139
Vulnerability from cvelistv5
Published
2024-04-25 16:25
Modified
2025-02-06 08:21
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary
A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret.
References
https://access.redhat.com/errata/RHSA-2024:1887vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1891vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2047vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2782vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-1139vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2262158issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    0.1.1
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: v4.12.0-202405091536.p0.g8906207.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: v4.13.0-202404200313.p0.gb518881.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gf350a68.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gcafed17.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gafffdd4.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g48fafc4.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ge79d817.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga0733c1.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g1a5e72f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g2dbe78f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g46dedc6.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gd8cf3c9.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g46dedc6.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gad85376.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g8ba0b37.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404170009.p0.g3dc363d.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g8853e6e.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g27f105d.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g3362d67.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g607e2dd.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g54a95bd.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g2e2e277.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g95bcf9a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gad7aa0a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gf0e7cbb.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gf0e7cbb.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g7ad2773.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gb19eec1.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g9189357.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g354c55d.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gf401f53.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g43a15be.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g78da43a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gfb20cda.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g937b5fd.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g13046b3.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gf7b14a9.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gf7b14a9.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga687275.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gae83c55.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g9203d4d.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g9d87281.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g5d436c6.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g270579c.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g93fba13.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gb4c4fb1.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gb4c4fb1.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g33a706e.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g91fa980.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g074a22c.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404170009.p0.gd4a1162.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g5553a22.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g74f5363.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gd139e6b.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gd876f5a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404171239.p0.g2eab0f9.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gb287d08.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g4e05963.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g33f630d.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g9cd9922.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g711b4f6.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404170009.p0.g1839fb4.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gd429c8b.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404171239.p0.g88d3f42.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404171239.p0.g88d3f42.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g0dbbb61.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g8bd8602.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g3985c55.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g08fb27e.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g219f6f6.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g61a3465.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gaab7b5b.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gaf210dc.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g716a0c3.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gf6b13c7.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g855f3fc.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g7295a5e.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g7d3fa77.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g697083a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gd93a218.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ge1dd453.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gc273cd5.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g9232c1f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g9232c1f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g06e8ce0.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g06e8ce0.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g78a710f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g78a710f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g59a701a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g59a701a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga683453.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga683453.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga9bcbde.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga9bcbde.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g9dcaa7f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g9dcaa7f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga683453.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga683453.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga683453.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gf7b14a9.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g9c104de.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gb31bf58.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404171239.p0.gb0c0321.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g09e96a9.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gd99fb31.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g95d55a0.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g8a626fe.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gb3af193.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g7bee54d.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404170009.p0.g96b62a5.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g004ecde.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g446871f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gc28b223.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g7fd94aa.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g02471d9.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g44a2b94.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g2a6627b.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g1c0ecea.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g78da43a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g78da43a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g264fa5c.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g7b56c30.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g7296ed5.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gc038d5a.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g801a912.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g1a9befc.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g1a646b9.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gdb0c549.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g8558e14.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g7d96f56.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g8926a29.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404170009.p0.g8926a29.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g34dfccb.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g27f5650.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ge292817.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g8666a36.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga676e6b.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g8985876.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g7c0025b.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gd3a4a6c.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g5e74b0f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g823eb51.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gcd6eae1.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g078aee5.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g13aebf7.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g833e1de.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g29f61f6.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g69d0021.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gbc56886.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g6f50b1a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g8f5c90c.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga4a2f27.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g35f4739.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga333cb0.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gfb6fb27.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g2287fb2.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g9e9b51d.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g27209ef.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gdff4b0f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g697083a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g3a74316.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g697083a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gdcfcfb3.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga367cea.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gdcfcfb3.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g5d70863.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g2fdbd1b.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g2fdbd1b.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g2fdbd1b.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g7bee54d.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g7436369.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g8ecfd7f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g32c1028.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g1a957da.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gb7c61bc.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ge372516.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga4b845a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g5ee0a9d.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga4b845a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga4b845a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gaf40ed0.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g1a9befc.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g3c3f82f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gc683f65.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gf066e57.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga267125.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gf7b14a9.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g5d5105f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga5ed57f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gb04567f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g72e998c.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g5d5105f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga5ed57f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.ga5ed57f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gece171d.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gf21b470.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.gf21b470.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g2fa33aa.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202404161612.p0.g00d04f5.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-1139",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-04-26T14:01:04.371877Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T18:00:07.175Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T18:26:30.566Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:1887",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1887",
               },
               {
                  name: "RHSA-2024:1891",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1891",
               },
               {
                  name: "RHSA-2024:2047",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2047",
               },
               {
                  name: "RHSA-2024:2782",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2782",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-1139",
               },
               {
                  name: "RHBZ#2262158",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262158",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift/cluster-monitoring-operator",
               defaultStatus: "unaffected",
               packageName: "cluster-monitoring-operator",
               versions: [
                  {
                     lessThanOrEqual: "0.1.1",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
                  "cpe:/a:redhat:openshift:4.12::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-monitoring-operator",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.12.0-202405091536.p0.g8906207.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-monitoring-operator",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.13.0-202404200313.p0.gb518881.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/cloud-network-config-controller-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gf350a68.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/driver-toolkit-rhel9",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gcafed17.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/egress-router-cni-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gafffdd4.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/kubevirt-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g48fafc4.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/network-tools-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ge79d817.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/oc-mirror-plugin-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga0733c1.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/openshift-route-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g1a5e72f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-api-server-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g2dbe78f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-csr-approver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g46dedc6.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-node-agent-rhel9",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gd8cf3c9.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-orchestrator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g46dedc6.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-utils-rhel9",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gad85376.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-alibaba-cloud-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g8ba0b37.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-alibaba-cloud-csi-driver-container-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404170009.p0.g3dc363d.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g8853e6e.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-alibaba-machine-controllers-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g27f105d.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-apiserver-network-proxy-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g3362d67.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-aws-cloud-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g607e2dd.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-aws-cluster-api-controllers-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g54a95bd.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-aws-ebs-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g2e2e277.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-aws-ebs-csi-driver-rhel8-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g95bcf9a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-aws-pod-identity-webhook-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gad7aa0a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-azure-cloud-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gf0e7cbb.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-azure-cloud-node-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gf0e7cbb.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-azure-cluster-api-controllers-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g7ad2773.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-azure-disk-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gb19eec1.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-azure-disk-csi-driver-rhel8-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g9189357.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-azure-file-csi-driver-operator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g354c55d.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-azure-file-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gf401f53.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-azure-workload-identity-webhook-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g43a15be.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-baremetal-installer-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g78da43a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-baremetal-machine-controllers",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gfb20cda.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-baremetal-rhel8-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g937b5fd.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-baremetal-runtimecfg-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g13046b3.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cli",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gf7b14a9.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cli-artifacts",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gf7b14a9.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cloud-credential-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga687275.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-api-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gae83c55.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-authentication-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g9203d4d.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-autoscaler",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g9d87281.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-autoscaler-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g5d436c6.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-baremetal-operator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g270579c.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-bootstrap",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g93fba13.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-capi-operator-container-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gb4c4fb1.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-capi-rhel8-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gb4c4fb1.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g33a706e.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-config-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g91fa980.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-control-plane-machine-set-operator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g074a22c.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404170009.p0.gd4a1162.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-dns-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g5553a22.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-etcd-rhel8-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g74f5363.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-image-registry-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gd139e6b.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-ingress-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gd876f5a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-kube-apiserver-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404171239.p0.g2eab0f9.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-kube-cluster-api-rhel8-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gb287d08.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-kube-controller-manager-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g4e05963.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-kube-scheduler-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g33f630d.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g9cd9922.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-machine-approver",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g711b4f6.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-monitoring-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404170009.p0.g1839fb4.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-network-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gd429c8b.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-node-tuning-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404171239.p0.g88d3f42.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-node-tuning-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404171239.p0.g88d3f42.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-olm-operator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g0dbbb61.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-openshift-apiserver-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g8bd8602.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-openshift-controller-manager-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g3985c55.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-platform-operators-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g08fb27e.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-policy-controller-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g219f6f6.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-samples-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g61a3465.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-storage-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gaab7b5b.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-version-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gaf210dc.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-configmap-reloader",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g716a0c3.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gf6b13c7.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g855f3fc.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-container-networking-plugins-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g7295a5e.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-coredns",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g7d3fa77.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-driver-manila-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g697083a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-driver-manila-rhel8-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gd93a218.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-driver-nfs-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ge1dd453.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-driver-shared-resource-operator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gc273cd5.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-driver-shared-resource-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g9232c1f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-driver-shared-resource-webhook-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g9232c1f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-external-attacher",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g06e8ce0.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-external-attacher-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g06e8ce0.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-external-provisioner",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g78a710f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-external-provisioner-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g78a710f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-external-resizer",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g59a701a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-external-resizer-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g59a701a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-external-snapshotter",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga683453.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-external-snapshotter-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga683453.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-livenessprobe",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga9bcbde.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-livenessprobe-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga9bcbde.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-node-driver-registrar",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g9dcaa7f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-node-driver-registrar-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g9dcaa7f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-snapshot-controller",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga683453.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-snapshot-controller-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga683453.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-csi-snapshot-validation-webhook-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga683453.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-deployer",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gf7b14a9.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g9c104de.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-registry",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gb31bf58.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-etcd-rhel9",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404171239.p0.gb0c0321.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-gcp-cloud-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g09e96a9.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-gcp-cluster-api-controllers-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gd99fb31.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-gcp-pd-csi-driver-operator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g95d55a0.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-gcp-pd-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g8a626fe.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-haproxy-router",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gb3af193.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-hyperkube-rhel9",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g7bee54d.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-hypershift-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404170009.p0.g96b62a5.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ibmcloud-cluster-api-controllers-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g004ecde.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ibm-cloud-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g446871f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ibmcloud-machine-controllers-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gc28b223.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g7fd94aa.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ibm-vpc-block-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g02471d9.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ibm-vpc-node-label-updater-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g44a2b94.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-image-customization-controller-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g2a6627b.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-insights-rhel8-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g1c0ecea.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-installer",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g78da43a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-installer-artifacts",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g78da43a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ironic-agent-rhel9",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g264fa5c.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ironic-machine-os-downloader-rhel9",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g7b56c30.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ironic-rhel9",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g7296ed5.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ironic-static-ip-manager-rhel9",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gc038d5a.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-k8s-prometheus-adapter",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g801a912.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-kube-proxy",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g1a9befc.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-kube-rbac-proxy",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g1a646b9.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-kube-state-metrics",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gdb0c549.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-kube-storage-version-migrator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g8558e14.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-kubevirt-cloud-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g7d96f56.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-kuryr-cni-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g8926a29.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-kuryr-controller-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404170009.p0.g8926a29.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-libvirt-machine-controllers",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g34dfccb.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-machine-api-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g27f5650.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-machine-api-provider-aws-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ge292817.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-machine-api-provider-azure-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g8666a36.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-machine-api-provider-gcp-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga676e6b.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-machine-api-provider-openstack-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g8985876.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-machine-config-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g7c0025b.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-machine-os-images-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gd3a4a6c.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-multus-admission-controller",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g5e74b0f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-multus-cni",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g823eb51.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-multus-networkpolicy-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gcd6eae1.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-multus-route-override-cni-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g078aee5.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-multus-whereabouts-ipam-cni-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g13aebf7.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-must-gather",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g833e1de.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-network-interface-bond-cni-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g29f61f6.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-network-metrics-daemon-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g69d0021.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-nutanix-cloud-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gbc56886.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-nutanix-machine-controllers-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g6f50b1a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-oauth-apiserver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g8f5c90c.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-oauth-proxy",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga4a2f27.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-oauth-server-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g35f4739.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-olm-catalogd-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga333cb0.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-olm-operator-controller-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gfb6fb27.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-olm-rukpak-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g2287fb2.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openshift-apiserver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g9e9b51d.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openshift-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g27209ef.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openshift-state-metrics-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gdff4b0f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openstack-cinder-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g697083a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g3a74316.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openstack-cloud-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g697083a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-operator-lifecycle-manager",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gdcfcfb3.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-operator-marketplace",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga367cea.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-operator-registry",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gdcfcfb3.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ovirt-machine-controllers-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g5d70863.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ovn-kubernetes",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g2fdbd1b.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ovn-kubernetes-microshift-rhel9",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g2fdbd1b.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ovn-kubernetes-rhel9",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g2fdbd1b.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-pod",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g7bee54d.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-powervs-block-csi-driver-operator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g7436369.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-powervs-block-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g8ecfd7f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-powervs-cloud-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g32c1028.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-powervs-machine-controllers-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g1a957da.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-prometheus",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gb7c61bc.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-prometheus-alertmanager",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ge372516.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-prometheus-config-reloader",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga4b845a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-prometheus-node-exporter",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g5ee0a9d.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-prometheus-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga4b845a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-prometheus-operator-admission-webhook-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga4b845a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-prom-label-proxy",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gaf40ed0.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-sdn-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g1a9befc.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-service-ca-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g3c3f82f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-telemeter",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gc683f65.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-tests",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gf066e57.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-thanos-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga267125.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-tools-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gf7b14a9.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g5d5105f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-vmware-vsphere-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga5ed57f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-vsphere-cloud-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gb04567f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-vsphere-cluster-api-controllers-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g72e998c.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-vsphere-csi-driver-operator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g5d5105f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-vsphere-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga5ed57f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-vsphere-csi-driver-syncer-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.ga5ed57f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-vsphere-problem-detector-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gece171d.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ovirt-csi-driver-rhel7",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gf21b470.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ovirt-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.gf21b470.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ovirt-csi-driver-rhel8-operator",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g2fa33aa.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-monitoring-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202404161612.p0.g00d04f5.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:acm:2",
               ],
               defaultStatus: "unaffected",
               packageName: "rhacm2/endpoint-monitoring-rhel9-operator",
               product: "Red Hat Advanced Cluster Management for Kubernetes 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:acm:2",
               ],
               defaultStatus: "unaffected",
               packageName: "rhacm2/grafana-dashboard-loader-rhel9",
               product: "Red Hat Advanced Cluster Management for Kubernetes 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:acm:2",
               ],
               defaultStatus: "unaffected",
               packageName: "rhacm2/metrics-collector-rhel9",
               product: "Red Hat Advanced Cluster Management for Kubernetes 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:acm:2",
               ],
               defaultStatus: "unaffected",
               packageName: "rhacm2/multicluster-observability-rhel8-operator",
               product: "Red Hat Advanced Cluster Management for Kubernetes 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:acm:2",
               ],
               defaultStatus: "unaffected",
               packageName: "rhacm2/rbac-query-proxy-rhel8",
               product: "Red Hat Advanced Cluster Management for Kubernetes 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unknown",
               packageName: "openshift3/ose-cluster-monitoring-operator",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Calvinna Caswara (noris network AG) and Patrick Gress (noris network AG) for reporting this issue.",
            },
         ],
         datePublic: "2024-04-03T09:19:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A credentials leak vulnerability was found in the cluster monitoring operator in OCP.  This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 7.7,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-200",
                     description: "Exposure of Sensitive Information to an Unauthorized Actor",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-02-06T08:21:10.525Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:1887",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1887",
            },
            {
               name: "RHSA-2024:1891",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1891",
            },
            {
               name: "RHSA-2024:2047",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2047",
            },
            {
               name: "RHSA-2024:2782",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2782",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-1139",
            },
            {
               name: "RHBZ#2262158",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262158",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-01-31T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-04-03T09:19:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Cluster-monitoring-operator: credentials leak",
         x_redhatCweChain: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-1139",
      datePublished: "2024-04-25T16:25:01.080Z",
      dateReserved: "2024-01-31T20:48:06.154Z",
      dateUpdated: "2025-02-06T08:21:10.525Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-0750
Vulnerability from cvelistv5
Published
2025-01-28 09:29
Modified
2025-03-15 07:49
Severity ?
6.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Summary
A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system directories.
References
https://access.redhat.com/errata/RHSA-2025:1122vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0750vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2339405issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 0:1.30.10-3.rhaos4.17.gitd088fcf.el9   < *
    cpe:/a:redhat:openshift:4.17::el8
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-0750",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-01-28T14:36:21.846521Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-01-28T14:36:30.599Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/cri-o/cri-o",
               defaultStatus: "unaffected",
               packageName: "cri-o",
               versions: [
                  {
                     lessThan: "1.33.1",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el8",
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.30.10-3.rhaos4.17.gitd088fcf.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Dongha Kim for reporting this issue.",
            },
         ],
         datePublic: "2025-01-22T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system directories.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.6,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T07:49:19.161Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2025:1122",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1122",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-0750",
            },
            {
               name: "RHBZ#2339405",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2339405",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-01-22T05:30:33.616000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-01-22T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Cri-o: cri-o path traversal in log handling functions allows arbitrary unmounting",
         x_redhatCweChain: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-0750",
      datePublished: "2025-01-28T09:29:30.831Z",
      dateReserved: "2025-01-27T13:53:22.286Z",
      dateUpdated: "2025-03-15T07:49:19.161Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-8676
Vulnerability from cvelistv5
Published
2024-11-26 19:15
Modified
2025-03-04 18:20
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the pod spec, verifying that the pod has access to the mounts it specifies are not applicable to a restored container. This flaw allows a malicious user to trick CRI-O into restoring a pod that doesn't have access to host mounts. The user needs access to the kubelet or cri-o socket to call the restore endpoint and trigger the restore.
References
https://access.redhat.com/errata/RHBA-2024:10826vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0648vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1908vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-8676vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2313842issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 1.30.0   
Version: 1.31.0   
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:1.28.11-7.rhaos4.15.gitc4c0556.el9   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 0:1.29.11-3.rhaos4.16.git16d9bd6.el8   < *
    cpe:/a:redhat:openshift:4.16::el9
    cpe:/a:redhat:openshift:4.16::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: 0:1.31.5-5.rhaos4.18.git6dfa0a6.el8   < *
    cpe:/a:redhat:openshift:4.18::el8
    cpe:/a:redhat:openshift:4.18::el9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-8676",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-26T21:01:28.945651Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-26T21:01:45.208Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/cri-o/cri-o",
               defaultStatus: "unaffected",
               packageName: "cri-o",
               versions: [
                  {
                     lessThan: "1.29.11",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.30.8",
                     status: "affected",
                     version: "1.30.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.31.3",
                     status: "affected",
                     version: "1.31.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.28.11-7.rhaos4.15.gitc4c0556.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
                  "cpe:/a:redhat:openshift:4.16::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.29.11-3.rhaos4.16.git16d9bd6.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.18::el8",
                  "cpe:/a:redhat:openshift:4.18::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.18",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.31.5-5.rhaos4.18.git6dfa0a6.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:rhel8/conmon",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8/podman",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "conmon",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unknown",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "conmon",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-11-26T18:21:38.116Z",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the pod spec, verifying that the pod has access to the mounts it specifies are not applicable to a restored container. This flaw allows a malicious user to trick CRI-O into restoring a pod that doesn't have access to host mounts. The user needs access to the kubelet or cri-o socket to call the restore endpoint and trigger the restore.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-285",
                     description: "Improper Authorization",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-04T18:20:24.881Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHBA-2024:10826",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHBA-2024:10826",
            },
            {
               name: "RHSA-2025:0648",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0648",
            },
            {
               name: "RHSA-2025:1908",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1908",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-8676",
            },
            {
               name: "RHBZ#2313842",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2313842",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-09-20T19:45:05.331000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-11-26T18:21:38.116000+00:00",
               value: "Made public.",
            },
         ],
         title: "Cri-o: checkpoint restore can be triggered from different namespaces",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-285: Improper Authorization",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-8676",
      datePublished: "2024-11-26T19:15:48.475Z",
      dateReserved: "2024-09-10T19:56:52.932Z",
      dateUpdated: "2025-03-04T18:20:24.881Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-2182
Vulnerability from cvelistv5
Published
2024-03-12 16:18
Modified
2024-11-15 15:29
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service.
References
https://access.redhat.com/errata/RHSA-2024:1385vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1386vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1387vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1388vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1390vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1391vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1392vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1393vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1394vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4035vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-2182vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2267840issue-tracking, x_refsource_REDHAT
https://mail.openvswitch.org/pipermail/ovs-announce/2024-March/000346.html
https://www.openwall.com/lists/oss-security/2024/03/12/5
Impacted products
Vendor Product Version
Version: 20.03.0   
Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:23.06.1-112.el8fdp   < *
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:22.12.1-94.el8fdp   < *
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:22.03.3-71.el8fdp   < *
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:23.03.1-100.el8fdp   < *
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:21.12.0-142.el8fdp   < *
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:23.09.0-136.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:23.06.1-112.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:22.12.1-94.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:22.03.3-71.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:23.03.1-100.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-2182",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-03-13T14:24:40.610508Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-05T17:22:21.535Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T19:03:39.232Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/03/12/5",
               },
               {
                  name: "RHSA-2024:1385",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1385",
               },
               {
                  name: "RHSA-2024:1386",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1386",
               },
               {
                  name: "RHSA-2024:1387",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1387",
               },
               {
                  name: "RHSA-2024:1388",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1388",
               },
               {
                  name: "RHSA-2024:1390",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1390",
               },
               {
                  name: "RHSA-2024:1391",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1391",
               },
               {
                  name: "RHSA-2024:1392",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1392",
               },
               {
                  name: "RHSA-2024:1393",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1393",
               },
               {
                  name: "RHSA-2024:1394",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1394",
               },
               {
                  name: "RHSA-2024:4035",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4035",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-2182",
               },
               {
                  name: "RHBZ#2267840",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267840",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APR4GCVCMQD3DQUKXDNGIXCCYGE5V7IT/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CB4N522FCS4XWAPUKRWZF6QZ657FCIDF/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRKXOOOKD56TY3JQVB45N3GCTX3EG4BV/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://mail.openvswitch.org/pipermail/ovs-announce/2024-March/000346.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.openwall.com/lists/oss-security/2024/03/12/5",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.github.com/ovn-org/ovn/",
               defaultStatus: "unaffected",
               packageName: "ovn",
               versions: [
                  {
                     lessThan: "*",
                     status: "affected",
                     version: "20.03.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn23.06",
               product: "Fast Datapath for Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:23.06.1-112.el8fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.12",
               product: "Fast Datapath for Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:22.12.1-94.el8fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.03",
               product: "Fast Datapath for Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:22.03.3-71.el8fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn23.03",
               product: "Fast Datapath for Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:23.03.1-100.el8fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn-2021",
               product: "Fast Datapath for Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:21.12.0-142.el8fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn23.09",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:23.09.0-136.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn23.06",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:23.06.1-112.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.12",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:22.12.1-94.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.03",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:22.03.3-71.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn23.03",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:23.03.1-100.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "ovn2.11",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "ovn2.12",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "ovn2.13",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "ovn2.11",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "ovn2.12",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "ovn2.13",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "ovn22.06",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "ovn22.09",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn-2021",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "ovn22.06",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "unknown",
               packageName: "ovn22.09",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Frode Nordahl (Canonical) for reporting this issue.",
            },
         ],
         datePublic: "2024-03-12T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-346",
                     description: "Origin Validation Error",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-15T15:29:03.042Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:1385",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1385",
            },
            {
               name: "RHSA-2024:1386",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1386",
            },
            {
               name: "RHSA-2024:1387",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1387",
            },
            {
               name: "RHSA-2024:1388",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1388",
            },
            {
               name: "RHSA-2024:1390",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1390",
            },
            {
               name: "RHSA-2024:1391",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1391",
            },
            {
               name: "RHSA-2024:1392",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1392",
            },
            {
               name: "RHSA-2024:1393",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1393",
            },
            {
               name: "RHSA-2024:1394",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1394",
            },
            {
               name: "RHSA-2024:4035",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4035",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-2182",
            },
            {
               name: "RHBZ#2267840",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267840",
            },
            {
               url: "https://mail.openvswitch.org/pipermail/ovs-announce/2024-March/000346.html",
            },
            {
               url: "https://www.openwall.com/lists/oss-security/2024/03/12/5",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-03-04T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-03-12T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Ovn: insufficient validation of bfd packets may lead to denial of service",
         x_redhatCweChain: "CWE-346: Origin Validation Error",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-2182",
      datePublished: "2024-03-12T16:18:31.829Z",
      dateReserved: "2024-03-05T00:40:55.429Z",
      dateUpdated: "2024-11-15T15:29:03.042Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-2905
Vulnerability from cvelistv5
Published
2024-04-25 17:44
Modified
2025-03-12 02:26
Severity ?
6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access.
References
https://access.redhat.com/errata/RHSA-2024:3401vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3823vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-2905vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2271585issue-tracking, x_refsource_REDHAT
https://github.com/coreos/rpm-ostree/security/advisories/GHSA-2m76-cwhg-7wv6
Impacted products
Vendor Product Version
Version: 1.2024.4
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2024.3-3.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2023.3-2.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-2905",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-04-25T19:10:45.667596Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:29:28.680Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T19:25:42.154Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:3401",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:3401",
               },
               {
                  name: "RHSA-2024:3823",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:3823",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-2905",
               },
               {
                  name: "RHBZ#2271585",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2271585",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/coreos/rpm-ostree/security/advisories/GHSA-2m76-cwhg-7wv6",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/coreos/rpm-ostree",
               defaultStatus: "unaffected",
               packageName: "rpm-ostree",
               versions: [
                  {
                     status: "affected",
                     version: "1.2024.4",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "rpm-ostree",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:2024.3-3.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
               ],
               defaultStatus: "affected",
               packageName: "rpm-ostree",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:2023.3-2.el9_2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "rpm-ostree",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rpm-ostree",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-04-09T11:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "NONE",
                  baseScore: 6.2,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-732",
                     description: "Incorrect Permission Assignment for Critical Resource",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-12T02:26:09.653Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:3401",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3401",
            },
            {
               name: "RHSA-2024:3823",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3823",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-2905",
            },
            {
               name: "RHBZ#2271585",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2271585",
            },
            {
               url: "https://github.com/coreos/rpm-ostree/security/advisories/GHSA-2m76-cwhg-7wv6",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-03-26T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-04-09T11:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Rpm-ostree: world-readable /etc/shadow file",
         workarounds: [
            {
               lang: "en",
               value: "If you need to apply the fix immediately, you can run the following commands, using credentials that have administrator access to an OpenShift cluster:\n\n# List current permissions for all nodes\nfor node in $( oc get nodes -oname) ; do echo $node ; oc debug $node -- bash -c \"ls -alhZ /host/etc/*shadow*\"; done\n\n# Set correct permissions\nfor node in $( oc get nodes -oname) ; do echo $node ; oc debug $node -- chmod --verbose 0000 /host/etc/shadow /host/etc/gshadow /host/etc/shadow- /host/etc/gshadow-; done\n\nAs a precaution, we recommend rotating all user credentials stored in those files.",
            },
         ],
         x_redhatCweChain: "CWE-732: Incorrect Permission Assignment for Critical Resource",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-2905",
      datePublished: "2024-04-25T17:44:15.985Z",
      dateReserved: "2024-03-26T11:53:25.040Z",
      dateUpdated: "2025-03-12T02:26:09.653Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-52616
Vulnerability from cvelistv5
Published
2024-11-21 20:41
Modified
2025-03-14 11:51
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.
References
https://access.redhat.com/security/cve/CVE-2024-52616vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2326429issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-52616",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-21T21:06:40.598366Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-21T21:12:09.458Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/avahi/avahi/",
               defaultStatus: "unaffected",
               packageName: "avahi",
               versions: [
                  {
                     lessThan: "0.9",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "avahi",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "avahi",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "avahi",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-11-15T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-334",
                     description: "Small Space of Random Values",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-14T11:51:58.469Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-52616",
            },
            {
               name: "RHBZ#2326429",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2326429",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-11-15T09:48:21.460000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-11-15T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Avahi: avahi wide-area dns predictable transaction ids",
         x_redhatCweChain: "CWE-334: Small Space of Random Values",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-52616",
      datePublished: "2024-11-21T20:41:11.636Z",
      dateReserved: "2024-11-15T08:38:03.183Z",
      dateUpdated: "2025-03-14T11:51:58.469Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-1485
Vulnerability from cvelistv5
Published
2024-02-13 23:31
Modified
2025-03-12 23:49
Severity ?
8.0 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:H
Summary
A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the `parent` or `plugin` keywords. This could download a malicious archive and cause the cleanup process to overwrite or delete files outside of the archive, which should not be allowed.
References
https://access.redhat.com/security/cve/CVE-2024-1485vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2264106issue-tracking, x_refsource_REDHAT
https://github.com/advisories/GHSA-84xv-jfrm-h4gm
https://github.com/devfile/registry-support/commit/0e44b9ca6d03fac4fc3f77d37656d56dc5defe0d
https://github.com/devfile/registry-support/pull/197
Impacted products
Vendor Product Version
Version: 1.16.2
 Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-1485",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-02-21T20:39:09.253403Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-05T17:21:53.512Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T18:40:21.236Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-1485",
               },
               {
                  name: "RHBZ#2264106",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2264106",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/advisories/GHSA-84xv-jfrm-h4gm",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/devfile/registry-support/commit/0e44b9ca6d03fac4fc3f77d37656d56dc5defe0d",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/devfile/registry-support/pull/197",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/devfile/registry-support",
               defaultStatus: "unaffected",
               packageName: "registry-support",
               versions: [
                  {
                     status: "affected",
                     version: "1.16.2",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ocp_tools",
               ],
               defaultStatus: "affected",
               packageName: "odo",
               product: "OpenShift Developer Tools and Services",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Joern Schneeweisz (GitLab Security Research Team) for reporting this issue.",
            },
         ],
         datePublic: "2024-02-05T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the `parent` or `plugin` keywords. This could download a malicious archive and cause the cleanup process to overwrite or delete files outside of the archive, which should not be allowed.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-23",
                     description: "Relative Path Traversal",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-12T23:49:04.173Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-1485",
            },
            {
               name: "RHBZ#2264106",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2264106",
            },
            {
               url: "https://github.com/advisories/GHSA-84xv-jfrm-h4gm",
            },
            {
               url: "https://github.com/devfile/registry-support/commit/0e44b9ca6d03fac4fc3f77d37656d56dc5defe0d",
            },
            {
               url: "https://github.com/devfile/registry-support/pull/197",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-02-13T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-02-05T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Registry-support: decompress can delete files outside scope via relative paths",
         workarounds: [
            {
               lang: "en",
               value: "Limit or block the parsing of devfiles from untrusted sources.",
            },
         ],
         x_redhatCweChain: "CWE-349->CWE-23: Acceptance of Extraneous Untrusted Data With Trusted Data leads to Relative Path Traversal",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-1485",
      datePublished: "2024-02-13T23:31:14.427Z",
      dateReserved: "2024-02-13T21:47:23.979Z",
      dateUpdated: "2025-03-12T23:49:04.173Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-45783
Vulnerability from cvelistv5
Published
2025-02-18 19:26
Modified
2025-03-19 19:31
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn't properly set an ERRNO value. This issue may lead to a NULL pointer access.
References
https://access.redhat.com/security/cve/CVE-2024-45783vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345863issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-45783",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-19T14:42:27.841966Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-19T15:15:06.176Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn't properly set an ERRNO value. This issue may lead to a NULL pointer access.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 4.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-911",
                     description: "Improper Update of Reference Count",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-19T19:31:28.521Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-45783",
            },
            {
               name: "RHBZ#2345863",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345863",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-14T22:13:21.370000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: fs/hfs+: refcount can be decremented twice",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-911: Improper Update of Reference Count",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-45783",
      datePublished: "2025-02-18T19:26:07.767Z",
      dateReserved: "2024-09-08T01:57:12.948Z",
      dateUpdated: "2025-03-19T19:31:28.521Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-43167
Vulnerability from cvelistv5
Published
2024-08-08 20:24
Modified
2024-10-21 11:19
Severity ?
2.8 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Summary
DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet Labs has no further information about the claim, and suggests that affected Red Hat customers refer to available Red Hat documentation or support channels. ORIGINAL DESCRIPTION: A NULL pointer dereference flaw was found in the ub_ctx_set_fwd function in Unbound. This issue could allow an attacker who can invoke specific sequences of API calls to cause a segmentation fault. When certain API functions such as ub_ctx_set_fwd and ub_ctx_resolvconf are called in a particular order, the program attempts to read from a NULL pointer, leading to a crash. This issue can result in a denial of service by causing the application to terminate unexpectedly.
References
https://access.redhat.com/security/cve/CVE-2024-43167vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2303456issue-tracking, x_refsource_REDHAT
https://github.com/NLnetLabs/unbound/issues/1072
https://github.com/NLnetLabs/unbound/pull/1073/files
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-43167",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-09T12:53:54.420983Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-09T12:54:00.358Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-16T20:02:53.862Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "http://www.openwall.com/lists/oss-security/2024/08/16/6",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unknown",
               packageName: "unbound",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "unbound",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "unbound",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "unbound",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.2",
               ],
               defaultStatus: "affected",
               packageName: "openstack-unbound-container",
               product: "Red Hat OpenStack Platform 16.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openstack:17.1",
               ],
               defaultStatus: "affected",
               packageName: "openstack-unbound-container",
               product: "Red Hat OpenStack Platform 17.1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openstack:18.0",
               ],
               defaultStatus: "affected",
               packageName: "openstack-unbound-container",
               product: "Red Hat OpenStack Platform 18.0",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-08-07T02:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet Labs has no further information about the claim, and suggests that affected Red Hat customers refer to available Red Hat documentation or support channels. ORIGINAL DESCRIPTION: A NULL pointer dereference flaw was found in the ub_ctx_set_fwd function in Unbound. This issue could allow an attacker who can invoke specific sequences of API calls to cause a segmentation fault. When certain API functions such as ub_ctx_set_fwd and ub_ctx_resolvconf are called in a particular order, the program attempts to read from a NULL pointer, leading to a crash. This issue can result in a denial of service by causing the application to terminate unexpectedly.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Low",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "LOW",
                  baseScore: 2.8,
                  baseSeverity: "LOW",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-476",
                     description: "NULL Pointer Dereference",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-21T11:19:11.740Z",
            orgId: "206fc3a0-e175-490b-9eaa-a5738056c9f6",
            shortName: "NLnet Labs",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-43167",
            },
            {
               name: "RHBZ#2303456",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303456",
            },
            {
               url: "https://github.com/NLnetLabs/unbound/issues/1072",
            },
            {
               url: "https://github.com/NLnetLabs/unbound/pull/1073/files",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-05-21T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-08-07T02:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Unbound: null pointer dereference in unbound",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-476: NULL Pointer Dereference",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-43167",
      datePublished: "2024-08-08T20:24:49.932Z",
      dateReserved: "2024-08-07T13:02:00.798Z",
      dateUpdated: "2024-10-21T11:19:11.740Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-9407
Vulnerability from cvelistv5
Published
2024-10-01 20:13
Modified
2025-03-14 12:02
Severity ?
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N
Summary
A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files.
References
https://access.redhat.com/errata/RHSA-2024:10147vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8846vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9051vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9454vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9459vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9926vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9407vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2315887issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020241023085649.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:4.9.4-16.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:5.2.2-9.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.37.5-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 2:1.33.11-1.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202411201433-0   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-9407",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-01T20:38:18.374514Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-01T20:38:33.629Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-12-20T13:06:46.310Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "https://security.netapp.com/advisory/ntap-20241220-0010/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/containers/podman",
               defaultStatus: "unaffected",
               packageName: "podman",
               versions: [
                  {
                     lessThan: "5.2.4",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://github.com/containers/buildah",
               defaultStatus: "unaffected",
               packageName: "buildah",
               versions: [
                  {
                     lessThan: "1.37.4",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8100020241023085649.afee755d",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:4.9.4-16.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:5.2.2-9.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.37.5-1.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9.4 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.33.11-1.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "416.94.202411201433-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-10-01T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "NONE",
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "LOW",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-14T12:02:35.154Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:10147",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10147",
            },
            {
               name: "RHSA-2024:8846",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8846",
            },
            {
               name: "RHSA-2024:9051",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9051",
            },
            {
               name: "RHSA-2024:9454",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9454",
            },
            {
               name: "RHSA-2024:9459",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9459",
            },
            {
               name: "RHSA-2024:9926",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9926",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-9407",
            },
            {
               name: "RHBZ#2315887",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315887",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-10-01T10:33:54.248000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-10-01T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Buildah: podman: improper input validation in bind-propagation option of dockerfile run --mount instruction",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-20: Improper Input Validation",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-9407",
      datePublished: "2024-10-01T20:13:29.588Z",
      dateReserved: "2024-10-01T10:55:34.838Z",
      dateUpdated: "2025-03-14T12:02:35.154Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-7387
Vulnerability from cvelistv5
Published
2024-09-16 23:58
Modified
2025-01-09 08:33
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the “Docker” strategy, executable files inside the privileged build container can be overridden using the `spec.source.secrets.secret.destinationDir` attribute of the `BuildConfig` definition. An attacker running code in a privileged container could escalate their permissions on the node running the container.
References
https://access.redhat.com/errata/RHSA-2024:3718vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6685vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6687vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6689vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6691vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6705vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7387vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2302259issue-tracking, x_refsource_REDHAT
https://stuxxn.github.io/advisory/2024/10/02/openshift-build-docker-priv-esc.html
Impacted products
Vendor Product Version
Version: 0
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: v4.12.0-202409121032.p1.g609473f.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: v4.13.0-202409120505.p1.g2c7e99d.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202409111409.p1.g52565ca.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409101936.p1.ge7749a3.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202409101737.p1.gfee4b58.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202409122005.p1.gcfcf3bd.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-7387",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-07T20:31:09.766421Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-07T20:31:23.564Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift/builder",
               defaultStatus: "unaffected",
               packageName: "openshift/builder",
               versions: [
                  {
                     lessThan: "0b62633adfa2836465202bc851885e078ec888d1",
                     status: "affected",
                     version: "0",
                     versionType: "git",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.12.0-202409121032.p1.g609473f.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.13.0-202409120505.p1.g2c7e99d.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202409111409.p1.g52565ca.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409101936.p1.ge7749a3.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder-rhel9",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-202409101737.p1.gfee4b58.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder-rhel9",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.17.0-202409122005.p1.gcfcf3bd.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Armin Stock for reporting this issue.",
            },
         ],
         datePublic: "2024-09-16T08:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the “Docker” strategy, executable files inside the privileged build container can be overridden using the `spec.source.secrets.secret.destinationDir` attribute of the `BuildConfig` definition. An attacker running code in a privileged container could escalate their permissions on the node running the container.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-250",
                     description: "Execution with Unnecessary Privileges",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-01-09T08:33:51.197Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:3718",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3718",
            },
            {
               name: "RHSA-2024:6685",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6685",
            },
            {
               name: "RHSA-2024:6687",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6687",
            },
            {
               name: "RHSA-2024:6689",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6689",
            },
            {
               name: "RHSA-2024:6691",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6691",
            },
            {
               name: "RHSA-2024:6705",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6705",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-7387",
            },
            {
               name: "RHBZ#2302259",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2302259",
            },
            {
               url: "https://stuxxn.github.io/advisory/2024/10/02/openshift-build-docker-priv-esc.html",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-08-01T15:12:45+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-09-16T08:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy",
         workarounds: [
            {
               lang: "en",
               value: "Cluster admins can follow the instructions in \"Securing Builds by Strategy\" to block use of the \"Docker\" build strategy on a cluster, or restrict the use to a set of highly trusted users, until the cluster is able to be upgraded.\n\nhttps://docs.openshift.com/container-platform/4.16/cicd/builds/securing-builds-by-strategy.html",
            },
         ],
         x_redhatCweChain: "CWE-250: Execution with Unnecessary Privileges",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-7387",
      datePublished: "2024-09-16T23:58:35.176Z",
      dateReserved: "2024-08-01T15:14:15.077Z",
      dateUpdated: "2025-01-09T08:33:51.197Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-1125
Vulnerability from cvelistv5
Published
2025-03-03 14:16
Modified
2025-03-05 20:12
Severity ?
6.4 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to properly check for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculation to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result the hfsplus_open_compressed_real() function will write past of the internal buffer length. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution by-passing secure boot protections.
References
https://access.redhat.com/security/cve/CVE-2025-1125vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2346138issue-tracking, x_refsource_REDHAT
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
Impacted products
Vendor Product Version
Version: 0    2.12
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-1125",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-03T15:11:35.948515Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-03T15:11:48.262Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.gnu.org/software/grub/",
               defaultStatus: "unaffected",
               packageName: "grub2",
               versions: [
                  {
                     lessThanOrEqual: "2.12",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to properly check for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculation to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result the hfsplus_open_compressed_real() function will write past of the internal buffer length. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution by-passing secure boot protections.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-05T20:12:58.286Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-1125",
            },
            {
               name: "RHBZ#2346138",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346138",
            },
            {
               url: "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-17T17:32:11.551000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: fs/hfs: integer overflow may lead to heap based out-of-bounds write",
         workarounds: [
            {
               lang: "en",
               value: "Do not run grub2 in an untrusted environment, specifically with a HFS file system image.",
            },
         ],
         x_redhatCweChain: "CWE-787: Out-of-bounds Write",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-1125",
      datePublished: "2025-03-03T14:16:13.252Z",
      dateReserved: "2025-02-07T20:34:30.777Z",
      dateUpdated: "2025-03-05T20:12:58.286Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-45776
Vulnerability from cvelistv5
Published
2025-02-18 19:25
Modified
2025-03-15 00:17
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections.
References
https://access.redhat.com/security/cve/CVE-2024-45776vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2339182issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-45776",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-19T14:43:26.391966Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-19T15:15:24.380Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T00:17:59.694Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-45776",
            },
            {
               name: "RHBZ#2339182",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2339182",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-01-21T18:11:28.747000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: grub-core/gettext: integer overflow leads to heap oob write and read.",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-787: Out-of-bounds Write",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-45776",
      datePublished: "2025-02-18T19:25:45.929Z",
      dateReserved: "2024-09-08T01:57:12.947Z",
      dateUpdated: "2025-03-15T00:17:59.694Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-11831
Vulnerability from cvelistv5
Published
2025-02-10 15:27
Modified
2025-03-24 11:19
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.
References
https://access.redhat.com/errata/RHSA-2025:1334vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1468vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-11831vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2312579issue-tracking, x_refsource_REDHAT
https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e
https://github.com/yahoo/serialize-javascript/pull/173
Impacted products
Vendor Product Version
Version: 6.0   
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.8-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.6-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Cryostat 3     cpe:/a:redhat:cryostat:3
 Create a notification for this product.
   Red Hat Logging Subsystem for Red Hat OpenShift     cpe:/a:redhat:logging:5
 Create a notification for this product.
   Red Hat Migration Toolkit for Applications 7     cpe:/a:redhat:migration_toolkit_applications:7
 Create a notification for this product.
   Red Hat Migration Toolkit for Applications 7     cpe:/a:redhat:migration_toolkit_applications:7
 Create a notification for this product.
   Red Hat Migration Toolkit for Virtualization     cpe:/a:redhat:migration_toolkit_virtualization:2
 Create a notification for this product.
   Red Hat .NET 6.0 on Red Hat Enterprise Linux     cpe:/a:redhat:rhel_dotnet:6.0
 Create a notification for this product.
   Red Hat OpenShift Lightspeed     cpe:/a:redhat:openshift_lightspeed
 Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
   Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
 Create a notification for this product.
   Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
 Create a notification for this product.
   Red Hat Red Hat 3scale API Management Platform 2     cpe:/a:redhat:red_hat_3scale_amp:2
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
 Create a notification for this product.
   Red Hat Red Hat build of Apache Camel - HawtIO 4     cpe:/a:redhat:rhboac_hawtio:4
 Create a notification for this product.
   Red Hat Red Hat build of Apicurio Registry 2     cpe:/a:redhat:service_registry:2
 Create a notification for this product.
   Red Hat Red Hat Build of Keycloak     cpe:/a:redhat:build_keycloak:
 Create a notification for this product.
   Red Hat Red Hat build of OptaPlanner 8     cpe:/a:redhat:optaplanner:::el6
 Create a notification for this product.
   Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
 Create a notification for this product.
   Red Hat Red Hat Developer Hub     cpe:/a:redhat:rhdh:1
 Create a notification for this product.
   Red Hat Red Hat Developer Hub     cpe:/a:redhat:rhdh:1
 Create a notification for this product.
   Red Hat Red Hat Discovery     cpe:/a:redhat:discovery:1
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
 Create a notification for this product.
   Red Hat Red Hat Integration Camel K 1     cpe:/a:redhat:integration:1
 Create a notification for this product.
   Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
 Create a notification for this product.
   Red Hat Red Hat JBoss Enterprise Application Platform 8     cpe:/a:redhat:jboss_enterprise_application_platform:8
 Create a notification for this product.
   Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
 Create a notification for this product.
   Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
 Create a notification for this product.
   Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
 Create a notification for this product.
   Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3:
 Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3:
 Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3:
 Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
 Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
 Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
 Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
 Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
 Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
 Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
 Create a notification for this product.
   Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
 Create a notification for this product.
   Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
 Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
 Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
 Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
 Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
 Create a notification for this product.
   Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
 Create a notification for this product.
   Red Hat Red Hat Trusted Profile Analyzer     cpe:/a:redhat:trusted_profile_analyzer:1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-11831",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-10T17:08:31.160473Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-10T17:08:44.112Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/yahoo/serialize-javascript",
               packageName: "serialize-javascript",
               versions: [
                  {
                     lessThan: "6.0.2",
                     status: "affected",
                     version: "6.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-main-rhel8",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.8-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-main-rhel8",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.6-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:cryostat:3",
               ],
               defaultStatus: "affected",
               packageName: "serialize-javascript",
               product: "Cryostat 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:logging:5",
               ],
               defaultStatus: "unknown",
               packageName: "openshift-logging/kibana6-rhel8",
               product: "Logging Subsystem for Red Hat OpenShift",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:migration_toolkit_applications:7",
               ],
               defaultStatus: "unaffected",
               packageName: "mta/mta-cli-rhel9",
               product: "Migration Toolkit for Applications 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:migration_toolkit_applications:7",
               ],
               defaultStatus: "unaffected",
               packageName: "mta/mta-ui-rhel9",
               product: "Migration Toolkit for Applications 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:migration_toolkit_virtualization:2",
               ],
               defaultStatus: "unknown",
               packageName: "migration-toolkit-virtualization/mtv-console-plugin-rhel9",
               product: "Migration Toolkit for Virtualization",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_dotnet:6.0",
               ],
               defaultStatus: "unknown",
               packageName: "rh-dotnet60-dotnet",
               product: ".NET 6.0 on Red Hat Enterprise Linux",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_lightspeed",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-lightspeed-beta/lightspeed-console-plugin-rhel9",
               product: "OpenShift Lightspeed",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift_pipelines:1",
               ],
               defaultStatus: "unknown",
               packageName: "openshift-pipelines-console-plugin-rhel8-container",
               product: "OpenShift Pipelines",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_pipelines:1",
               ],
               defaultStatus: "unknown",
               packageName: "openshift-pipelines/pipelines-hub-api-rhel8",
               product: "OpenShift Pipelines",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_pipelines:1",
               ],
               defaultStatus: "unknown",
               packageName: "openshift-pipelines/pipelines-hub-db-migration-rhel8",
               product: "OpenShift Pipelines",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_pipelines:1",
               ],
               defaultStatus: "unknown",
               packageName: "openshift-pipelines/pipelines-hub-ui-rhel8",
               product: "OpenShift Pipelines",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:serverless:1",
               ],
               defaultStatus: "unknown",
               packageName: "serialize-javascript",
               product: "OpenShift Serverless",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:service_mesh:2",
               ],
               defaultStatus: "unknown",
               packageName: "openshift-service-mesh/kiali-ossmc-rhel8",
               product: "OpenShift Service Mesh 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:service_mesh:2",
               ],
               defaultStatus: "unknown",
               packageName: "openshift-service-mesh/kiali-rhel8",
               product: "OpenShift Service Mesh 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:red_hat_3scale_amp:2",
               ],
               defaultStatus: "unknown",
               packageName: "3scale-amp-system-container",
               product: "Red Hat 3scale API Management Platform 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:acm:2",
               ],
               defaultStatus: "unaffected",
               packageName: "rhacm2/console-rhel8",
               product: "Red Hat Advanced Cluster Management for Kubernetes 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4",
               ],
               defaultStatus: "unaffected",
               packageName: "advanced-cluster-security/rhacs-central-db-rhel8",
               product: "Red Hat Advanced Cluster Security 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4",
               ],
               defaultStatus: "unaffected",
               packageName: "advanced-cluster-security/rhacs-rhel8-operator",
               product: "Red Hat Advanced Cluster Security 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4",
               ],
               defaultStatus: "unaffected",
               packageName: "advanced-cluster-security/rhacs-roxctl-rhel8",
               product: "Red Hat Advanced Cluster Security 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4",
               ],
               defaultStatus: "unaffected",
               packageName: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
               product: "Red Hat Advanced Cluster Security 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4",
               ],
               defaultStatus: "unaffected",
               packageName: "advanced-cluster-security/rhacs-scanner-v4-rhel8",
               product: "Red Hat Advanced Cluster Security 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform:2",
               ],
               defaultStatus: "unknown",
               packageName: "aap-cloud-ui-container",
               product: "Red Hat Ansible Automation Platform 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform:2",
               ],
               defaultStatus: "unknown",
               packageName: "ansible-automation-platform-24/lightspeed-rhel8",
               product: "Red Hat Ansible Automation Platform 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform:2",
               ],
               defaultStatus: "unknown",
               packageName: "automation-controller",
               product: "Red Hat Ansible Automation Platform 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform:2",
               ],
               defaultStatus: "unknown",
               packageName: "automation-eda-controller",
               product: "Red Hat Ansible Automation Platform 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhboac_hawtio:4",
               ],
               defaultStatus: "unknown",
               packageName: "serialize-javascript",
               product: "Red Hat build of Apache Camel - HawtIO 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:service_registry:2",
               ],
               defaultStatus: "unknown",
               packageName: "serialize-javascript",
               product: "Red Hat build of Apicurio Registry 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:build_keycloak:",
               ],
               defaultStatus: "unknown",
               packageName: "serialize-javascript",
               product: "Red Hat Build of Keycloak",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:optaplanner:::el6",
               ],
               defaultStatus: "unknown",
               packageName: "serialize-javascript",
               product: "Red Hat build of OptaPlanner 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:jboss_data_grid:8",
               ],
               defaultStatus: "unaffected",
               packageName: "serialize-javascript",
               product: "Red Hat Data Grid 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:rhdh:1",
               ],
               defaultStatus: "unaffected",
               packageName: "rhdh-operator-container",
               product: "Red Hat Developer Hub",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhdh:1",
               ],
               defaultStatus: "unaffected",
               packageName: "rhdh/rhdh-hub-rhel9",
               product: "Red Hat Developer Hub",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:discovery:1",
               ],
               defaultStatus: "unknown",
               packageName: "discovery-server-container",
               product: "Red Hat Discovery",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unknown",
               packageName: "dotnet6.0",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unknown",
               packageName: "dotnet8.0",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unknown",
               packageName: "grafana",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unknown",
               packageName: "pcs",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unknown",
               packageName: "dotnet6.0",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unknown",
               packageName: "dotnet7.0",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unknown",
               packageName: "dotnet8.0",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unknown",
               packageName: "pcs",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:jboss_fuse:7",
               ],
               defaultStatus: "affected",
               packageName: "serialize-javascript",
               product: "Red Hat Fuse 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:integration:1",
               ],
               defaultStatus: "unknown",
               packageName: "serialize-javascript",
               product: "Red Hat Integration Camel K 1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
               cpes: [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7",
               ],
               defaultStatus: "unknown",
               packageName: "serialize-javascript",
               product: "Red Hat JBoss Enterprise Application Platform 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
               cpes: [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8",
               ],
               defaultStatus: "unknown",
               packageName: "serialize-javascript",
               product: "Red Hat JBoss Enterprise Application Platform 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
               cpes: [
                  "cpe:/a:redhat:jbosseapxp",
               ],
               defaultStatus: "unknown",
               packageName: "serialize-javascript",
               product: "Red Hat JBoss Enterprise Application Platform Expansion Pack",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai",
               ],
               defaultStatus: "unaffected",
               packageName: "odh-dashboard-container",
               product: "Red Hat OpenShift AI (RHOAI)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai",
               ],
               defaultStatus: "unaffected",
               packageName: "odh-dashboard-rhel8",
               product: "Red Hat OpenShift AI (RHOAI)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai",
               ],
               defaultStatus: "affected",
               packageName: "odh-data-science-pipelines-argo-argoexec-rhel8",
               product: "Red Hat OpenShift AI (RHOAI)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai",
               ],
               defaultStatus: "affected",
               packageName: "odh-data-science-pipelines-argo-workflowcontroller-rhel8",
               product: "Red Hat OpenShift AI (RHOAI)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai",
               ],
               defaultStatus: "affected",
               packageName: "odh-kf-notebook-controller-rhel8",
               product: "Red Hat OpenShift AI (RHOAI)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai",
               ],
               defaultStatus: "affected",
               packageName: "odh-ml-pipelines-api-server-v2-rhel8",
               product: "Red Hat OpenShift AI (RHOAI)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai",
               ],
               defaultStatus: "affected",
               packageName: "odh-ml-pipelines-driver-rhel8",
               product: "Red Hat OpenShift AI (RHOAI)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai",
               ],
               defaultStatus: "affected",
               packageName: "odh-ml-pipelines-launcher-rhel8",
               product: "Red Hat OpenShift AI (RHOAI)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai",
               ],
               defaultStatus: "affected",
               packageName: "odh-ml-pipelines-persistenceagent-v2-rhel8",
               product: "Red Hat OpenShift AI (RHOAI)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai",
               ],
               defaultStatus: "affected",
               packageName: "odh-ml-pipelines-scheduledworkflow-v2-rhel8",
               product: "Red Hat OpenShift AI (RHOAI)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai",
               ],
               defaultStatus: "unaffected",
               packageName: "odh-model-registry-rhel8",
               product: "Red Hat OpenShift AI (RHOAI)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai",
               ],
               defaultStatus: "unaffected",
               packageName: "odh-notebook-controller-rhel8",
               product: "Red Hat OpenShift AI (RHOAI)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai",
               ],
               defaultStatus: "unaffected",
               packageName: "odh-operator-container",
               product: "Red Hat OpenShift AI (RHOAI)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unknown",
               packageName: "openshift3/ose-console",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unknown",
               packageName: "openshift4/ose-monitoring-plugin-rhel9",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_data_foundation:4",
               ],
               defaultStatus: "affected",
               packageName: "odf4/mcg-core-rhel8",
               product: "Red Hat Openshift Data Foundation 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_data_foundation:4",
               ],
               defaultStatus: "affected",
               packageName: "odf4/ocs-client-console-rhel9",
               product: "Red Hat Openshift Data Foundation 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_data_foundation:4",
               ],
               defaultStatus: "affected",
               packageName: "odf4/odf-console-rhel9",
               product: "Red Hat Openshift Data Foundation 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_data_foundation:4",
               ],
               defaultStatus: "affected",
               packageName: "odf4/odf-multicluster-console-rhel8",
               product: "Red Hat Openshift Data Foundation 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_devspaces:3:",
               ],
               defaultStatus: "unknown",
               packageName: "devspaces/code-rhel8",
               product: "Red Hat OpenShift Dev Spaces",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_devspaces:3:",
               ],
               defaultStatus: "unknown",
               packageName: "devspaces/dashboard-rhel8",
               product: "Red Hat OpenShift Dev Spaces",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_devspaces:3:",
               ],
               defaultStatus: "unknown",
               packageName: "devspaces/traefik-rhel8",
               product: "Red Hat OpenShift Dev Spaces",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_distributed_tracing:3",
               ],
               defaultStatus: "unknown",
               packageName: "rhosdt/jaeger-agent-rhel8",
               product: "Red Hat OpenShift distributed tracing 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_distributed_tracing:3",
               ],
               defaultStatus: "unknown",
               packageName: "rhosdt/jaeger-all-in-one-rhel8",
               product: "Red Hat OpenShift distributed tracing 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_distributed_tracing:3",
               ],
               defaultStatus: "unknown",
               packageName: "rhosdt/jaeger-collector-rhel8",
               product: "Red Hat OpenShift distributed tracing 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_distributed_tracing:3",
               ],
               defaultStatus: "unknown",
               packageName: "rhosdt/jaeger-es-index-cleaner-rhel8",
               product: "Red Hat OpenShift distributed tracing 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_distributed_tracing:3",
               ],
               defaultStatus: "unknown",
               packageName: "rhosdt/jaeger-es-rollover-rhel8",
               product: "Red Hat OpenShift distributed tracing 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_distributed_tracing:3",
               ],
               defaultStatus: "unknown",
               packageName: "rhosdt/jaeger-ingester-rhel8",
               product: "Red Hat OpenShift distributed tracing 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_distributed_tracing:3",
               ],
               defaultStatus: "unknown",
               packageName: "rhosdt/jaeger-query-rhel8",
               product: "Red Hat OpenShift distributed tracing 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7",
               ],
               defaultStatus: "unknown",
               packageName: "serialize-javascript",
               product: "Red Hat Process Automation 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:quay:3",
               ],
               defaultStatus: "unknown",
               packageName: "quay/quay-rhel8",
               product: "Red Hat Quay 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:satellite:6",
               ],
               defaultStatus: "unknown",
               packageName: "nodejs-compression-webpack-plugin",
               product: "Red Hat Satellite 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:satellite:6",
               ],
               defaultStatus: "unknown",
               packageName: "nodejs-css-minimizer-webpack-plugin",
               product: "Red Hat Satellite 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:satellite:6",
               ],
               defaultStatus: "unknown",
               packageName: "nodejs-uglifyjs-webpack-plugin",
               product: "Red Hat Satellite 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:satellite:6",
               ],
               defaultStatus: "unknown",
               packageName: "nodejs-webpack",
               product: "Red Hat Satellite 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:red_hat_single_sign_on:7",
               ],
               defaultStatus: "unknown",
               packageName: "serialize-javascript",
               product: "Red Hat Single Sign-On 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:trusted_profile_analyzer:1",
               ],
               defaultStatus: "unknown",
               packageName: "rhtpa/rhtpa-trustification-service-rhel9",
               product: "Red Hat Trusted Profile Analyzer",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-09-16T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-24T11:19:34.125Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2025:1334",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1334",
            },
            {
               name: "RHSA-2025:1468",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1468",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-11831",
            },
            {
               name: "RHBZ#2312579",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312579",
            },
            {
               url: "https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e",
            },
            {
               url: "https://github.com/yahoo/serialize-javascript/pull/173",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-09-16T16:43:32.021000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-09-16T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-11831",
      datePublished: "2025-02-10T15:27:46.732Z",
      dateReserved: "2024-11-26T18:56:38.187Z",
      dateUpdated: "2025-03-24T11:19:34.125Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-7631
Vulnerability from cvelistv5
Published
2025-03-19 18:47
Modified
2025-03-19 19:07
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.go#L112 Because of this unsafe filepath construction, an authenticated user can manipulate the path to retrieve any JSON files on the console's pod by using sequences of ../ and valid directory paths.
References
https://access.redhat.com/security/cve/CVE-2024-7631vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2296053issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-7631",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-19T19:07:23.057581Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-19T19:07:41.995Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift3/ose-console",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-03-19T17:49:00.355Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.go#L112 Because of this unsafe filepath construction, an authenticated user can manipulate the path to retrieve any JSON files on the console's pod by using sequences of ../ and valid directory paths.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-19T18:47:27.721Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-7631",
            },
            {
               name: "RHBZ#2296053",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2296053",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-07-05T19:21:49+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-03-19T17:49:00.355000+00:00",
               value: "Made public.",
            },
         ],
         title: "Openshift-console: openshift console: path traversal",
         workarounds: [
            {
               lang: "en",
               value: "Red Hat Product Security does not have any recommended mitigations at this time. Please update to a patched version of the component as soon as it is available.",
            },
         ],
         x_redhatCweChain: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-7631",
      datePublished: "2025-03-19T18:47:27.721Z",
      dateReserved: "2024-08-08T21:18:33.908Z",
      dateUpdated: "2025-03-19T19:07:41.995Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-26465
Vulnerability from cvelistv5
Published
2025-02-18 18:27
Modified
2025-03-28 14:34
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Summary
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.
References
https://access.redhat.com/security/cve/CVE-2025-26465vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2344780issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2025-03-03T17:48:15.682Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "https://lists.debian.org/debian-lts-announce/2025/02/msg00020.html",
               },
               {
                  url: "https://www.openwall.com/lists/oss-security/2025/02/18/1",
               },
               {
                  url: "https://www.openwall.com/lists/oss-security/2025/02/18/4",
               },
               {
                  url: "https://www.theregister.com/2025/02/18/openssh_vulnerabilities_mitm_dos/",
               },
               {
                  url: "https://bugzilla.suse.com/show_bug.cgi?id=1237040",
               },
               {
                  url: "https://security-tracker.debian.org/tracker/CVE-2025-26465",
               },
               {
                  url: "https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/008_ssh.patch.sig",
               },
               {
                  url: "https://ubuntu.com/security/CVE-2025-26465",
               },
               {
                  url: "https://www.openssh.com/releasenotes.html#9.9p2",
               },
               {
                  url: "https://blog.qualys.com/vulnerabilities-threat-research/2025/02/18/qualys-tru-discovers-two-vulnerabilities-in-openssh-cve-2025-26465-cve-2025-26466",
               },
               {
                  url: "https://lists.mindrot.org/pipermail/openssh-unix-announce/2025-February/000161.html",
               },
               {
                  url: "https://security.netapp.com/advisory/ntap-20250228-0003/",
               },
               {
                  url: "https://www.vicarius.io/vsociety/posts/cve-2025-26465-detect-vulnerable-openssh",
               },
               {
                  url: "https://www.vicarius.io/vsociety/posts/cve-2025-26465-mitigate-vulnerable-openssh",
               },
            ],
            title: "CVE Program Container",
            x_generator: {
               engine: "ADPogram 0.0.1",
            },
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-26465",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-19T15:02:09.369445Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-19T15:02:45.555Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            references: [
               {
                  tags: [
                     "exploit",
                  ],
                  url: "https://seclists.org/oss-sec/2025/q1/144",
               },
            ],
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unknown",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-17T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-390",
                     description: "Detection of Error Condition Without Action",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-28T14:34:36.916Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-26465",
            },
            {
               name: "RHBZ#2344780",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344780",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-10T21:56:03.853000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-17T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Openssh: machine-in-the-middle attack if verifyhostkeydns is enabled",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-390: Detection of Error Condition Without Action",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-26465",
      datePublished: "2025-02-18T18:27:16.843Z",
      dateReserved: "2025-02-10T18:31:47.978Z",
      dateUpdated: "2025-03-28T14:34:36.916Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-52615
Vulnerability from cvelistv5
Published
2024-11-21 20:34
Modified
2025-03-14 11:51
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.
References
https://access.redhat.com/security/cve/CVE-2024-52615vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2326418issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-52615",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-21T21:06:27.515199Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-21T21:12:09.339Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/avahi/avahi/",
               defaultStatus: "unaffected",
               packageName: "avahi",
               versions: [
                  {
                     lessThan: "0.9",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "avahi",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "avahi",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "avahi",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-11-15T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-330",
                     description: "Use of Insufficiently Random Values",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-14T11:51:27.223Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-52615",
            },
            {
               name: "RHBZ#2326418",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2326418",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-11-15T08:39:36.023000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-11-15T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Avahi: avahi wide-area dns uses constant source port",
         x_redhatCweChain: "CWE-330: Use of Insufficiently Random Values",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-52615",
      datePublished: "2024-11-21T20:34:00.981Z",
      dateReserved: "2024-11-15T08:38:03.183Z",
      dateUpdated: "2025-03-14T11:51:27.223Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-4145
Vulnerability from cvelistv5
Published
2023-10-05 12:34
Modified
2024-09-03 13:34
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Summary
A content spoofing flaw was found in OpenShift's OAuth endpoint. This flaw allows a remote, unauthenticated attacker to inject text into a webpage, enabling the obfuscation of a phishing operation.
References
https://access.redhat.com/security/cve/CVE-2022-4145vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2148667issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a openshift
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T01:27:54.542Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2022-4145",
               },
               {
                  name: "RHBZ#2148667",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2148667",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-4145",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-03T13:28:30.246692Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-03T13:34:13.619Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "affected",
               product: "openshift",
               vendor: "n/a",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by John Mazzitelli (Red Hat).",
            },
         ],
         datePublic: "2022-11-22T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A content spoofing flaw was found in OpenShift's OAuth endpoint. This flaw allows a remote, unauthenticated attacker to inject text into a webpage, enabling the obfuscation of a phishing operation.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Low",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-74",
                     description: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-10-05T12:34:57.523Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2022-4145",
            },
            {
               name: "RHBZ#2148667",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2148667",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2022-11-26T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2022-11-22T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Content spoofing",
         x_redhatCweChain: "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2022-4145",
      datePublished: "2023-10-05T12:34:57.523Z",
      dateReserved: "2022-11-26T22:08:59.200Z",
      dateUpdated: "2024-09-03T13:34:13.619Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-3056
Vulnerability from cvelistv5
Published
2024-08-02 20:37
Modified
2024-12-27 16:03
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:H
Summary
A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources until it is out-of-memory (OOM) killed. While the malicious container's cgroup will be removed, the IPC resources it created are not. Those resources are tied to the IPC namespace that will not be removed until all containers using it are stopped, and one non-malicious container is holding the namespace open. The malicious container is restarted, either automatically or by attacker control, repeating the process and increasing the amount of memory consumed. With a container configured to restart always, such as `podman run --restart=always`, this can result in a memory-based denial of service of the system.
References
https://access.redhat.com/security/cve/CVE-2024-3056vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2270717issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 5.0.0
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-3056",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-03T18:09:31.742310Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-03T18:09:40.413Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-12-27T16:03:02.350Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "https://security.netapp.com/advisory/ntap-20241227-0002/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/containers/podman",
               defaultStatus: "unaffected",
               packageName: "podman",
               versions: [
                  {
                     status: "affected",
                     version: "5.0.0",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "kernel",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "kernel-rt",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:4.0/podman",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8/podman",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "kernel",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "kernel-rt",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "kernel",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "kernel-rt",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unknown",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-07-25T07:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources until it is out-of-memory (OOM) killed. While the malicious container's cgroup will be removed, the IPC resources it created are not. Those resources are tied to the IPC namespace that will not be removed until all containers using it are stopped, and one non-malicious container is holding the namespace open. The malicious container is restarted, either automatically or by attacker control, repeating the process and increasing the amount of memory consumed. With a container configured to restart always, such as `podman run --restart=always`, this can result in a memory-based denial of service of the system.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.7,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "Uncontrolled Resource Consumption",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-12-24T14:32:13.280Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-3056",
            },
            {
               name: "RHBZ#2270717",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270717",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-03-21T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-07-25T07:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Podman: kernel: containers in shared ipc namespace are vulnerable to denial of service attack",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-400: Uncontrolled Resource Consumption",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-3056",
      datePublished: "2024-08-02T20:37:59.053Z",
      dateReserved: "2024-03-28T19:59:39.848Z",
      dateUpdated: "2024-12-27T16:03:02.350Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-3248
Vulnerability from cvelistv5
Published
2023-10-05 13:28
Modified
2024-08-29 20:01
Severity ?
4.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
Summary
A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. This issue could allow an attacker to violate the boundaries, as permissions will not be applied.
References
https://access.redhat.com/security/cve/CVE-2022-3248vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2072188issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a kubernetes
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 1.2     cpe:/a:redhat:ansible_automation_platform
 Create a notification for this product.
   Red Hat Red Hat Ansible Tower 3     cpe:/a:redhat:ansible_tower:3
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T01:07:05.652Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2022-3248",
               },
               {
                  name: "RHBZ#2072188",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072188",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-3248",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-29T19:59:13.226604Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-29T20:01:55.479Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "affected",
               product: "kubernetes",
               vendor: "n/a",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:acm:2",
               ],
               defaultStatus: "affected",
               packageName: "rhacm2/agent-service-rhel8",
               product: "Red Hat Advanced Cluster Management for Kubernetes 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform",
               ],
               defaultStatus: "unaffected",
               packageName: "kubernetes",
               product: "Red Hat Ansible Automation Platform 1.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_tower:3",
               ],
               defaultStatus: "unaffected",
               packageName: "kubernetes",
               product: "Red Hat Ansible Tower 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unknown",
               packageName: "atomic-openshift",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift-clients",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2023-10-05T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in OpenShift API, as admission checks do not enforce \"custom-host\" permissions. This issue could allow an attacker to violate the boundaries, as permissions will not be applied.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Low",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 4.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-863",
                     description: "Incorrect Authorization",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-10-05T13:28:27.973Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2022-3248",
            },
            {
               name: "RHBZ#2072188",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072188",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2022-03-23T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2023-10-05T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Openshift api admission checks does not enforce \"custom-host\" permissions",
         x_redhatCweChain: "CWE-863: Incorrect Authorization",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2022-3248",
      datePublished: "2023-10-05T13:28:27.973Z",
      dateReserved: "2022-09-20T14:18:05.021Z",
      dateUpdated: "2024-08-29T20:01:55.479Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-9355
Vulnerability from cvelistv5
Published
2024-10-01 18:17
Modified
2025-03-26 09:59
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
Summary
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.  It is also possible to force a derived key to be all zeros instead of an unpredictable value.  This may have follow-on implications for the Go TLS stack.
References
https://access.redhat.com/errata/RHSA-2024:10133vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7502vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7550vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8327vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8678vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8847vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9551vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2416vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9355vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2315719issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:0.10-2.el7_9   < *
    cpe:/o:redhat:rhel_els:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020241001112709.a3795dee   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:9.2.10-20.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:5.1.1-9.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.21.13-4.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:9.2.10-19.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:5.1.1-4.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
 Create a notification for this product.
   Red Hat Streams for Apache Kafka 2.9.0     cpe:/a:redhat:amq_streams:2
 Create a notification for this product.
   Red Hat NBDE Tang Server     cpe:/a:redhat:network_bound_disk_encryption_tang:1
 Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
 Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
 Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 1.2     cpe:/a:redhat:ansible_automation_platform
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 1.2     cpe:/a:redhat:ansible_automation_platform
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat Openshift Container Storage 4     cpe:/a:redhat:openshift_container_storage:4
 Create a notification for this product.
   Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3:
 Create a notification for this product.
   Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
 Create a notification for this product.
   Red Hat Red Hat OpenShift on AWS     cpe:/a:redhat:openshift_service_on_aws:1
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
 Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
 Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
 Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
 Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
 Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
 Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
 Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
 Create a notification for this product.
   Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
 Create a notification for this product.
   Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
 Create a notification for this product.
   Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
 Create a notification for this product.
   Red Hat Red Hat Storage 3     cpe:/a:redhat:storage:3
 Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-9355",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-01T18:35:51.670441Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-01T18:37:53.436Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/golang-fips/openssl",
               defaultStatus: "affected",
               packageName: "github.com/golang-fips/openssl",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_els:7",
               ],
               defaultStatus: "affected",
               packageName: "rhc-worker-script",
               product: "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:0.10-2.el7_9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "go-toolset:rhel8",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8100020241001112709.a3795dee",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "grafana",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:9.2.10-20.el8_10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "grafana-pcp",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:5.1.1-9.el8_10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "golang",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.21.13-4.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "grafana",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:9.2.10-19.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream",
               ],
               defaultStatus: "affected",
               packageName: "grafana-pcp",
               product: "Red Hat Enterprise Linux 9.4 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:5.1.1-4.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:amq_streams:2",
               ],
               defaultStatus: "unaffected",
               packageName: "golang-github-danielqsj-kafka_exporter",
               product: "Streams for Apache Kafka 2.9.0",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:network_bound_disk_encryption_tang:1",
               ],
               defaultStatus: "affected",
               packageName: "tang-operator-bundle-container",
               product: "NBDE Tang Server",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ocp_tools",
               ],
               defaultStatus: "affected",
               packageName: "helm",
               product: "OpenShift Developer Tools and Services",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ocp_tools",
               ],
               defaultStatus: "affected",
               packageName: "odo",
               product: "OpenShift Developer Tools and Services",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_pipelines:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-pipelines-client",
               product: "OpenShift Pipelines",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:serverless:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-serverless-clients",
               product: "OpenShift Serverless",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform",
               ],
               defaultStatus: "affected",
               packageName: "helm",
               product: "Red Hat Ansible Automation Platform 1.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform",
               ],
               defaultStatus: "affected",
               packageName: "openshift-clients",
               product: "Red Hat Ansible Automation Platform 1.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform:2",
               ],
               defaultStatus: "affected",
               packageName: "automation-gateway-proxy",
               product: "Red Hat Ansible Automation Platform 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform:2",
               ],
               defaultStatus: "affected",
               packageName: "receptor",
               product: "Red Hat Ansible Automation Platform 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "affected",
               packageName: "host-metering",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8/buildah",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8/conmon",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8/containernetworking-plugins",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8/podman",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8/runc",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8/skopeo",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8/toolbox",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "git-lfs",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "osbuild-composer",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "rhc",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "rsyslog",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "weldr-client",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "butane",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "conmon",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "containernetworking-plugins",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "git-lfs",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "grafana-pcp",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "gvisor-tap-vsock",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "ignition",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "opentelemetry-collector",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "osbuild-composer",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "rsyslog",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "runc",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "toolbox",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "weldr-client",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "butane",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "conmon",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "conmon-rs",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "containernetworking-plugins",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "cri-tools",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "golang-github-prometheus-promu",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "ignition",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "lifecycle-agent-operator-bundle-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "microshift",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/bare-metal-event-relay-operator-bundle",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/numaresources-operator-bundle",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-aws-efs-csi-driver-container-rhel9",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-gcp-filestore-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-secrets-store-csi-driver-rhel9",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-sriov-network-metrics-exporter-rhel9",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-sriov-rdma-cni-rhel9",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-vertical-pod-autoscaler-rhel8",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/rdma-cni-rhel9",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/sriov-network-metrics-exporter-rhel9",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/topology-aware-lifecycle-manager-operator-bundle",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift-clients",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "ose-aws-ecr-image-credential-provider",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "ose-azure-acr-image-credential-provider",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "ose-gcp-gcr-image-credential-provider",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "runc",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_container_storage:4",
               ],
               defaultStatus: "affected",
               packageName: "mcg",
               product: "Red Hat Openshift Container Storage 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_data_foundation:4",
               ],
               defaultStatus: "affected",
               packageName: "mcg",
               product: "Red Hat Openshift Data Foundation 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_devspaces:3:",
               ],
               defaultStatus: "unaffected",
               packageName: "devspaces/machineexec-rhel8",
               product: "Red Hat OpenShift Dev Spaces",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_gitops:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-gitops-1/gitops-operator-bundle",
               product: "Red Hat OpenShift GitOps",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_service_on_aws:1",
               ],
               defaultStatus: "affected",
               packageName: "rosa",
               product: "Red Hat OpenShift on AWS",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "kubevirt",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.2",
               ],
               defaultStatus: "affected",
               packageName: "etcd",
               product: "Red Hat OpenStack Platform 16.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.2",
               ],
               defaultStatus: "affected",
               packageName: "golang-github-infrawatch-apputils",
               product: "Red Hat OpenStack Platform 16.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.2",
               ],
               defaultStatus: "affected",
               packageName: "golang-qpid-apache",
               product: "Red Hat OpenStack Platform 16.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.2",
               ],
               defaultStatus: "affected",
               packageName: "qpid-proton",
               product: "Red Hat OpenStack Platform 16.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:17.1",
               ],
               defaultStatus: "affected",
               packageName: "etcd",
               product: "Red Hat OpenStack Platform 17.1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:17.1",
               ],
               defaultStatus: "affected",
               packageName: "golang-github-infrawatch-apputils",
               product: "Red Hat OpenStack Platform 17.1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:17.1",
               ],
               defaultStatus: "affected",
               packageName: "golang-qpid-apache",
               product: "Red Hat OpenStack Platform 17.1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openstack:17.1",
               ],
               defaultStatus: "affected",
               packageName: "qpid-proton",
               product: "Red Hat OpenStack Platform 17.1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:satellite:6",
               ],
               defaultStatus: "affected",
               packageName: "foreman_ygg_worker",
               product: "Red Hat Satellite 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:satellite:6",
               ],
               defaultStatus: "unaffected",
               packageName: "qpid-proton",
               product: "Red Hat Satellite 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:satellite:6",
               ],
               defaultStatus: "unaffected",
               packageName: "satellite-capsule:el8/qpid-proton",
               product: "Red Hat Satellite 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:satellite:6",
               ],
               defaultStatus: "affected",
               packageName: "satellite:el8/qpid-proton",
               product: "Red Hat Satellite 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:satellite:6",
               ],
               defaultStatus: "affected",
               packageName: "satellite:el8/yggdrasil-worker-forwarder",
               product: "Red Hat Satellite 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:satellite:6",
               ],
               defaultStatus: "affected",
               packageName: "yggdrasil",
               product: "Red Hat Satellite 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:satellite:6",
               ],
               defaultStatus: "affected",
               packageName: "yggdrasil-worker-forwarder",
               product: "Red Hat Satellite 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:service_interconnect:1",
               ],
               defaultStatus: "affected",
               packageName: "qpid-proton",
               product: "Red Hat Service Interconnect 1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:service_interconnect:1",
               ],
               defaultStatus: "affected",
               packageName: "skupper-cli",
               product: "Red Hat Service Interconnect 1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:service_interconnect:1",
               ],
               defaultStatus: "affected",
               packageName: "skupper-router",
               product: "Red Hat Service Interconnect 1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:storage:3",
               ],
               defaultStatus: "affected",
               packageName: "heketi",
               product: "Red Hat Storage 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:trusted_artifact_signer:1",
               ],
               defaultStatus: "affected",
               packageName: "rhtas/fulcio-rhel9",
               product: "Red Hat Trusted Artifact Signer",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by David Benoit (Red Hat).",
            },
         ],
         datePublic: "2024-09-30T20:53:42.833Z",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.  It is also possible to force a derived key to be all zeros instead of an unpredictable value.  This may have follow-on implications for the Go TLS stack.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "LOW",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-457",
                     description: "Use of Uninitialized Variable",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-26T09:59:51.092Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:10133",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10133",
            },
            {
               name: "RHSA-2024:7502",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:7502",
            },
            {
               name: "RHSA-2024:7550",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:7550",
            },
            {
               name: "RHSA-2024:8327",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8327",
            },
            {
               name: "RHSA-2024:8678",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8678",
            },
            {
               name: "RHSA-2024:8847",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8847",
            },
            {
               name: "RHSA-2024:9551",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9551",
            },
            {
               name: "RHSA-2025:2416",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2416",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-9355",
            },
            {
               name: "RHBZ#2315719",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315719",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-09-30T17:51:17.811000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-09-30T20:53:42.833000+00:00",
               value: "Made public.",
            },
         ],
         title: "Golang-fips: golang fips zeroed buffer",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-457: Use of Uninitialized Variable",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-9355",
      datePublished: "2024-10-01T18:17:29.420Z",
      dateReserved: "2024-09-30T17:07:30.833Z",
      dateUpdated: "2025-03-26T09:59:51.092Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-45777
Vulnerability from cvelistv5
Published
2025-02-19 17:54
Modified
2025-03-11 17:00
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the circumvention of secure boot protections.
References
https://access.redhat.com/security/cve/CVE-2024-45777vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2346343issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-45777",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-19T18:38:37.767457Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-19T18:38:59.247Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the circumvention of secure boot protections.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-11T17:00:09.700Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-45777",
            },
            {
               name: "RHBZ#2346343",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346343",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-18T19:45:13.812000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: grub-core/gettext: integer overflow leads to heap oob write.",
         x_redhatCweChain: "CWE-787: Out-of-bounds Write",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-45777",
      datePublished: "2025-02-19T17:54:01.926Z",
      dateReserved: "2024-09-08T01:57:12.948Z",
      dateUpdated: "2025-03-11T17:00:09.700Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-7079
Vulnerability from cvelistv5
Published
2024-07-24 15:51
Modified
2024-12-03 20:22
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this endpoint is gated by the authHandlerWithUser() middleware function. Contrary to its name, this middleware function does not verify the validity of the user's credentials. As a result, unauthenticated users can access this endpoint.
References
https://access.redhat.com/security/cve/CVE-2024-7079vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2299678issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-7079",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-24T18:09:26.434060Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-24T18:09:33.310Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T21:52:30.604Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-7079",
               },
               {
                  name: "RHBZ#2299678",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2299678",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unknown",
               packageName: "openshift3/ose-console",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by Thibault Guittet (Red Hat).",
            },
         ],
         datePublic: "2024-07-24T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this endpoint is gated by the authHandlerWithUser() middleware function. Contrary to its name, this middleware function does not verify the validity of the user's credentials. As a result, unauthenticated users can access this endpoint.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-306",
                     description: "Missing Authentication for Critical Function",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-12-03T20:22:49.051Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-7079",
            },
            {
               name: "RHBZ#2299678",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2299678",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-07-24T13:07:17+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-07-24T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Openshift-console: unauthenticated installation of helm charts",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-306: Missing Authentication for Critical Function",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-7079",
      datePublished: "2024-07-24T15:51:36.331Z",
      dateReserved: "2024-07-24T13:29:26.277Z",
      dateUpdated: "2024-12-03T20:22:49.051Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-9676
Vulnerability from cvelistv5
Published
2024-10-15 15:27
Modified
2025-03-19 23:30
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.
References
https://access.redhat.com/errata/RHSA-2024:10289vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8418vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8428vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8437vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8686vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8690vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8694vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8700vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8984vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9051vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9454vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9459vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9926vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0876vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2454vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2710vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9676vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2317467issue-tracking, x_refsource_REDHAT
https://github.com/advisories/GHSA-wq2p-5pc6-wpgf
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020241101101019.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:4.9.4-16.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:5.2.2-9.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.37.5-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 2:1.33.11-1.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 0:1.25.5-30.rhaos4.12.git53dc492.el8   < *
    cpe:/a:redhat:openshift:4.12::el9
    cpe:/a:redhat:openshift_ironic:4.12::el9
    cpe:/a:redhat:openshift:4.12::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 0:1.26.5-26.rhaos4.13.giteb3d487.el8   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:1.27.8-12.rhaos4.14.git7597c43.el9   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202503060906.p0.gb03f3f5.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:1.28.11-5.rhaos4.15.git35a2431.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202503060734.p0.gbc0b789.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 0:1.29.9-6.rhaos4.16.gite7bd45a.el8   < *
    cpe:/a:redhat:openshift_ironic:4.16::el9
    cpe:/a:redhat:openshift:4.16::el8
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 4:4.9.4-12.rhaos4.16.el8   < *
    cpe:/a:redhat:openshift:4.16::el8
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 0:1.30.6-6.rhaos4.17.git6ac6e96.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
    cpe:/a:redhat:openshift:4.17::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 5:5.2.2-1.rhaos4.17.el8   < *
    cpe:/a:redhat:openshift:4.17::el9
    cpe:/a:redhat:openshift:4.17::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202501281204.p0.ga753153.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
 Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
 Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-9676",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-15T15:45:48.644647Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-15T15:46:17.963Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/containers/storage/",
               defaultStatus: "unaffected",
               packageName: "containers/storage",
               versions: [
                  {
                     lessThan: "1.55.1",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8100020241101101019.afee755d",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:4.9.4-16.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:5.2.2-9.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.37.5-1.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9.4 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.33.11-1.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el9",
                  "cpe:/a:redhat:openshift_ironic:4.12::el9",
                  "cpe:/a:redhat:openshift:4.12::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.25.5-30.rhaos4.12.git53dc492.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.26.5-26.rhaos4.13.giteb3d487.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el9",
                  "cpe:/a:redhat:openshift:4.14::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.27.8-12.rhaos4.14.git7597c43.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el9",
                  "cpe:/a:redhat:openshift:4.14::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202503060906.p0.gb03f3f5.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.28.11-5.rhaos4.15.git35a2431.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202503060734.p0.gbc0b789.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ironic:4.16::el9",
                  "cpe:/a:redhat:openshift:4.16::el8",
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.29.9-6.rhaos4.16.gite7bd45a.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el8",
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:4.9.4-12.rhaos4.16.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
                  "cpe:/a:redhat:openshift:4.17::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.30.6-6.rhaos4.17.git6ac6e96.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
                  "cpe:/a:redhat:openshift:4.17::el8",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "5:5.2.2-1.rhaos4.17.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder-rhel9",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.17.0-202501281204.p0.ga753153.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:ocp_tools",
               ],
               defaultStatus: "affected",
               packageName: "jenkins-agent-base-rhel9-container",
               product: "OpenShift Developer Tools and Services",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ocp_tools",
               ],
               defaultStatus: "affected",
               packageName: "ocp-tools-4/jenkins-agent-base-rhel8",
               product: "OpenShift Developer Tools and Services",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ocp_tools",
               ],
               defaultStatus: "affected",
               packageName: "ocp-tools-4/jenkins-rhel8",
               product: "OpenShift Developer Tools and Services",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "conmon",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "conmon",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:quay:3",
               ],
               defaultStatus: "affected",
               packageName: "quay/quay-builder-rhel8",
               product: "Red Hat Quay 3",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Erik Sjölund <erik.sjolund@gmail.com> for reporting this issue.",
            },
         ],
         datePublic: "2024-10-15T15:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-19T23:30:59.599Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:10289",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10289",
            },
            {
               name: "RHSA-2024:8418",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8418",
            },
            {
               name: "RHSA-2024:8428",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8428",
            },
            {
               name: "RHSA-2024:8437",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8437",
            },
            {
               name: "RHSA-2024:8686",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8686",
            },
            {
               name: "RHSA-2024:8690",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8690",
            },
            {
               name: "RHSA-2024:8694",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8694",
            },
            {
               name: "RHSA-2024:8700",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8700",
            },
            {
               name: "RHSA-2024:8984",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8984",
            },
            {
               name: "RHSA-2024:9051",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9051",
            },
            {
               name: "RHSA-2024:9454",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9454",
            },
            {
               name: "RHSA-2024:9459",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9459",
            },
            {
               name: "RHSA-2024:9926",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9926",
            },
            {
               name: "RHSA-2025:0876",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0876",
            },
            {
               name: "RHSA-2025:2454",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2454",
            },
            {
               name: "RHSA-2025:2710",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2710",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-9676",
            },
            {
               name: "RHBZ#2317467",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2317467",
            },
            {
               url: "https://github.com/advisories/GHSA-wq2p-5pc6-wpgf",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-10-09T02:59:07.708000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-10-15T15:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause denial of service (dos)",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-9676",
      datePublished: "2024-10-15T15:27:33.665Z",
      dateReserved: "2024-10-09T03:02:48.802Z",
      dateUpdated: "2025-03-19T23:30:59.599Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-0689
Vulnerability from cvelistv5
Published
2025-03-03 14:17
Modified
2025-03-05 20:43
Severity ?
6.4 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size which is not guaranteed. A crafted filesystem image may lead to a heap-based buffer overflow resulting in critical data to be corrupted, resulting in the risk of arbitrary code execution by-passing secure boot protections.
References
https://access.redhat.com/security/cve/CVE-2025-0689vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2346122issue-tracking, x_refsource_REDHAT
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
Impacted products
Vendor Product Version
Version: 0    2.12
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-0689",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-03T15:08:10.060966Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-03T15:10:37.636Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.gnu.org/software/grub/",
               defaultStatus: "unaffected",
               packageName: "grub2",
               versions: [
                  {
                     lessThanOrEqual: "2.12",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size which is not guaranteed. A crafted filesystem image may lead to a heap-based buffer overflow resulting in critical data to be corrupted, resulting in the risk of arbitrary code execution by-passing secure boot protections.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-120",
                     description: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-05T20:43:36.299Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-0689",
            },
            {
               name: "RHBZ#2346122",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346122",
            },
            {
               url: "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-17T15:34:11.237000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: udf: heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution",
         workarounds: [
            {
               lang: "en",
               value: "Do not run grub2 in an untrusted environment, specifically with a UDF file system image.",
            },
         ],
         x_redhatCweChain: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-0689",
      datePublished: "2025-03-03T14:17:32.517Z",
      dateReserved: "2025-01-23T19:49:12.475Z",
      dateUpdated: "2025-03-05T20:43:36.299Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-12087
Vulnerability from cvelistv5
Published
2025-01-14 17:57
Modified
2025-03-15 00:14
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Summary
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.
References
https://access.redhat.com/errata/RHSA-2025:2600vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-12087vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2330672issue-tracking, x_refsource_REDHAT
https://kb.cert.org/vuls/id/952657
Impacted products
Vendor Product Version
Version: 0    3.3.0
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.1.3-21.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-12087",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-26T14:12:12.897301Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-26T14:12:41.645Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            references: [
               {
                  tags: [
                     "exploit",
                  ],
                  url: "https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj",
               },
            ],
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/RsyncProject/rsync",
               defaultStatus: "unaffected",
               packageName: "rsync",
               versions: [
                  {
                     lessThanOrEqual: "3.3.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::baseos",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.1.3-21.el8_10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unknown",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Jasiel Spelman (Google), Pedro Gallegos (Google), and Simon Scannell (Google) for reporting this issue.",
            },
         ],
         datePublic: "2025-01-14T15:06:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-35",
                     description: "Path Traversal: '.../...//'",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T00:14:28.990Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2025:2600",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2600",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-12087",
            },
            {
               name: "RHBZ#2330672",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2330672",
            },
            {
               url: "https://kb.cert.org/vuls/id/952657",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-12-05T21:23:24.139000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-01-14T15:06:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Rsync: path traversal vulnerability in rsync",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-35: Path Traversal: '.../...//'",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-12087",
      datePublished: "2025-01-14T17:57:33.927Z",
      dateReserved: "2024-12-03T08:58:04.170Z",
      dateUpdated: "2025-03-15T00:14:28.990Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-45496
Vulnerability from cvelistv5
Published
2024-09-16 23:58
Modified
2025-01-09 08:34
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
Summary
A flaw was found in OpenShift. This issue occurs due to the misuse of elevated privileges in the OpenShift Container Platform's build process. During the build initialization step, the git-clone container is run with a privileged security context, allowing unrestricted access to the node. An attacker with developer-level access can provide a crafted .gitconfig file containing commands executed during the cloning process, leading to arbitrary command execution on the worker node. An attacker running code in a privileged container could escalate their permissions on the node running the container.
References
https://access.redhat.com/errata/RHSA-2024:3718vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6685vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6687vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6689vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6691vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6705vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45496vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2308661issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 4.12.0    4.18.0
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: v4.12.0-202409131137.p1.g0b1971a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: v4.13.0-202409130707.p1.gb75d499.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202409130708.p1.g9020ea1.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409131835.p1.gbe9d673.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202409130937.p1.g5dcfc99.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202409182235.p0.g7682a61.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-45496",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-17T15:05:05.525825Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-17T15:05:15.692Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift/",
               defaultStatus: "unaffected",
               packageName: "openshift-controller-manager",
               versions: [
                  {
                     lessThanOrEqual: "4.18.0",
                     status: "affected",
                     version: "4.12.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openshift-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.12.0-202409131137.p1.g0b1971a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openshift-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.13.0-202409130707.p1.gb75d499.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openshift-controller-manager-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202409130708.p1.g9020ea1.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openshift-controller-manager-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409131835.p1.gbe9d673.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openshift-controller-manager-rhel9",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-202409130937.p1.g5dcfc99.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openshift-controller-manager-rhel9",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.17.0-202409182235.p0.g7682a61.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by Thibault Guittet (Red Hat).",
            },
         ],
         datePublic: "2024-09-16T07:55:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in OpenShift. This issue occurs due to the misuse of elevated privileges in the OpenShift Container Platform's build process. During the build initialization step, the git-clone container is run with a privileged security context, allowing unrestricted access to the node. An attacker with developer-level access can provide a crafted .gitconfig file containing commands executed during the cloning process, leading to arbitrary command execution on the worker node. An attacker running code in a privileged container could escalate their permissions on the node running the container.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 9.9,
                  baseSeverity: "CRITICAL",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-269",
                     description: "Improper Privilege Management",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-01-09T08:34:19.277Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:3718",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3718",
            },
            {
               name: "RHSA-2024:6685",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6685",
            },
            {
               name: "RHSA-2024:6687",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6687",
            },
            {
               name: "RHSA-2024:6689",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6689",
            },
            {
               name: "RHSA-2024:6691",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6691",
            },
            {
               name: "RHSA-2024:6705",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6705",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-45496",
            },
            {
               name: "RHBZ#2308661",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308661",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-08-29T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-09-16T07:55:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Openshift-controller-manager: elevated build pods can lead to node compromise in openshift",
         workarounds: [
            {
               lang: "en",
               value: "Cluster admins can follow the instructions in \"Securing Builds by Strategy\" to block use of the \"Docker\" and “Source” build strategies on a cluster, or restrict the use to a set of highly trusted users, until the cluster is able to be upgraded.\n\nhttps://docs.openshift.com/container-platform/4.16/cicd/builds/securing-builds-by-strategy.html",
            },
         ],
         x_redhatCweChain: "CWE-269: Improper Privilege Management",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-45496",
      datePublished: "2024-09-16T23:58:59.399Z",
      dateReserved: "2024-08-30T10:12:13.684Z",
      dateUpdated: "2025-01-09T08:34:19.277Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-26466
Vulnerability from cvelistv5
Published
2025-02-28 21:25
Modified
2025-03-21 15:57
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.
References
https://access.redhat.com/security/cve/CVE-2025-26466vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345043issue-tracking, x_refsource_REDHAT
https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt
Impacted products
Vendor Product Version
Version: 9.5p1   <
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2025-03-05T03:48:43.236Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "https://security.netapp.com/advisory/ntap-20250228-0002/",
               },
               {
                  url: "https://www.openwall.com/lists/oss-security/2025/02/18/1",
               },
               {
                  url: "https://www.openwall.com/lists/oss-security/2025/02/18/4",
               },
               {
                  url: "https://bugzilla.suse.com/show_bug.cgi?id=1237041",
               },
               {
                  url: "https://security-tracker.debian.org/tracker/CVE-2025-26466",
               },
               {
                  url: "https://ubuntu.com/security/CVE-2025-26466",
               },
            ],
            title: "CVE Program Container",
            x_generator: {
               engine: "ADPogram 0.0.1",
            },
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-26466",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-04T19:51:35.555196Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-04T19:51:39.308Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            references: [
               {
                  tags: [
                     "exploit",
                  ],
                  url: "https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt",
               },
            ],
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.openssh.com/",
               defaultStatus: "unaffected",
               packageName: "OpenSSH",
               repo: "https://anongit.mindrot.org/openssh.git",
               versions: [
                  {
                     lessThanOrEqual: "9.9p1",
                     status: "affected",
                     version: "9.5p1",
                     versionType: "custom",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unaffected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-770",
                     description: "Allocation of Resources Without Limits or Throttling",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-21T15:57:02.215Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-26466",
            },
            {
               name: "RHBZ#2345043",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345043",
            },
            {
               url: "https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-11T19:51:30.375000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Openssh: denial-of-service in openssh",
         workarounds: [
            {
               lang: "en",
               value: "This issue can be mitigated by setting the following three different options in the sshd configuration file located at: /etc/ssh/sshd_config\n\nMaxStartups: Set to a reasonable value, this option controls the maximum number of concurrent unauthenticated connections the SSH server accepts;\n\nPerSourcePenalties: Set its suboptions to a reasonable value, this option is used to help sshd to detect and drop connections that are potentially malicious for the SSH server;\n\nLoginGraceTime: Set to a resonable value, this option controls how much time the SSH server will wait the client to authenticate before dropping its connection;\n\nAll the three option above needs to be set to implement a full mitigation for this vulnerability.",
            },
         ],
         x_redhatCweChain: "CWE-770: Allocation of Resources Without Limits or Throttling",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-26466",
      datePublished: "2025-02-28T21:25:28.861Z",
      dateReserved: "2025-02-10T18:31:47.979Z",
      dateUpdated: "2025-03-21T15:57:02.215Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-10963
Vulnerability from cvelistv5
Published
2024-11-07 16:02
Modified
2025-02-13 06:06
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.
References
https://access.redhat.com/errata/RHSA-2024:10232vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10244vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10379vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10518vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10528vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10852vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-10963vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2324291issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 1.3.1   
Version: 1.5.1   
Version: 1.6.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.3.1-36.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-22.el9_5   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-22.el9_5   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.5.1-23.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
    cpe:/o:redhat:rhel_eus:9.4::baseos
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202411261619-0   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202411261220-0   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI 2.16 Unaffected: sha256:c2a79db6d2ba9c313640149a55f306e8aa4dc36f3cc24bf554c025503b013644   < *
    cpe:/a:redhat:openshift_ai:2.16::el8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-10963",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-07T18:27:30.472908Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-07T18:27:42.452Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/linux-pam/linux-pam/",
               defaultStatus: "unaffected",
               packageName: "pam",
               versions: [
                  {
                     status: "affected",
                     version: "1.3.1",
                     versionType: "semver",
                  },
                  {
                     status: "affected",
                     version: "1.5.1",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.7.0",
                     status: "affected",
                     version: "1.6.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::baseos",
               ],
               defaultStatus: "affected",
               packageName: "pam",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.3.1-36.el8_10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "pam",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.5.1-22.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "pam",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.5.1-22.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream",
                  "cpe:/o:redhat:rhel_eus:9.4::baseos",
               ],
               defaultStatus: "affected",
               packageName: "pam",
               product: "Red Hat Enterprise Linux 9.4 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.5.1-23.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "416.94.202411261619-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "417.94.202411261220-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai:2.16::el8",
               ],
               defaultStatus: "affected",
               packageName: "registry.redhat.io/rhoai/odh-dashboard-rhel8",
               product: "Red Hat OpenShift AI 2.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "sha256:c2a79db6d2ba9c313640149a55f306e8aa4dc36f3cc24bf554c025503b013644",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unaffected",
               packageName: "pam",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "pam",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-11-07T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-287",
                     description: "Improper Authentication",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-02-13T06:06:35.276Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:10232",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10232",
            },
            {
               name: "RHSA-2024:10244",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10244",
            },
            {
               name: "RHSA-2024:10379",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10379",
            },
            {
               name: "RHSA-2024:10518",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10518",
            },
            {
               name: "RHSA-2024:10528",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10528",
            },
            {
               name: "RHSA-2024:10852",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10852",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-10963",
            },
            {
               name: "RHBZ#2324291",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2324291",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-11-07T07:38:52.548000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-11-07T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Pam: improper hostname interpretation in pam_access leads to access control bypass",
         workarounds: [
            {
               lang: "en",
               value: "To reduce the risk, administrators should ensure that no DNS hostname matches local TTY or service names used in pam_access. Additionally, implement DNSSEC to prevent spoofing of DNS responses. For stronger protection, consider reconfiguring pam_access to only accept fully qualified domain names (FQDNs) in access.conf",
            },
         ],
         x_redhatCweChain: "CWE-287: Improper Authentication",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-10963",
      datePublished: "2024-11-07T16:02:34.873Z",
      dateReserved: "2024-11-07T07:29:13.250Z",
      dateUpdated: "2025-02-13T06:06:35.276Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-8418
Vulnerability from cvelistv5
Published
2024-09-04 14:24
Modified
2024-09-17 20:07
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open indefinitely, causing the server to become unresponsive and resulting in other DNS queries timing out. This issue prevents legitimate users from accessing DNS services, thereby disrupting normal operations and causing service downtime.
References
https://access.redhat.com/security/cve/CVE-2024-8418vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2309683issue-tracking, x_refsource_REDHAT
https://github.com/containers/aardvark-dns/issues/500
https://github.com/containers/aardvark-dns/pull/503
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-8418",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-04T15:21:26.948674Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-04T15:21:37.784Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:rhel8/aardvark-dns",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:rhel8/containers-common",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "aardvark-dns",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "containers-common",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-09-04T10:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open indefinitely, causing the server to become unresponsive and resulting in other DNS queries timing out. This issue prevents legitimate users from accessing DNS services, thereby disrupting normal operations and causing service downtime.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "Uncontrolled Resource Consumption",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-17T20:07:47.367Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-8418",
            },
            {
               name: "RHBZ#2309683",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309683",
            },
            {
               url: "https://github.com/containers/aardvark-dns/issues/500",
            },
            {
               url: "https://github.com/containers/aardvark-dns/pull/503",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-09-03T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-09-04T10:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Containers/aardvark-dns: tcp query handling flaw in aardvark-dns leading to denial of service",
         workarounds: [
            {
               lang: "en",
               value: "It is advised to upgrade aardvark-dns to version 1.12.1 or higher.",
            },
         ],
         x_redhatCweChain: "CWE-400: Uncontrolled Resource Consumption",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-8418",
      datePublished: "2024-09-04T14:24:03.276Z",
      dateReserved: "2024-09-04T10:38:07.126Z",
      dateUpdated: "2024-09-17T20:07:47.367Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-6409
Vulnerability from cvelistv5
Published
2024-07-08 17:57
Modified
2024-11-24 17:26
Severity ?
7.0 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
Summary
A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.
References
https://access.redhat.com/errata/RHSA-2024:4457vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4613vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4716vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4910vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4955vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4960vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5444vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6409vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2295085issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:8.7p1-38.el9_4.4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:8.7p1-38.el9_4.4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:8.7p1-12.el9_0.3   < *
    cpe:/o:redhat:rhel_e4s:9.0::baseos
    cpe:/a:redhat:rhel_e4s:9.0::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:8.7p1-30.el9_2.7   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
    cpe:/o:redhat:rhel_eus:9.2::baseos
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 413.92.202408122222-0   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202407300859-0   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202407301159-0   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202407171205-0   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-6409",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-11T00:00:00+00:00",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-12T03:55:30.136Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T21:41:03.399Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/08/2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/09/2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/09/5",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/10/1",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/07/10/2",
               },
               {
                  name: "RHSA-2024:4457",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4457",
               },
               {
                  name: "RHSA-2024:4613",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4613",
               },
               {
                  name: "RHSA-2024:4716",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4716",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-6409",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://almalinux.org/blog/2024-07-09-cve-2024-6409/",
               },
               {
                  name: "RHBZ#2295085",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295085",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://bugzilla.suse.com/show_bug.cgi?id=1227217",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://explore.alas.aws.amazon.com/CVE-2024-6409.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/openela-main/openssh/commit/c00da7741d42029e49047dd89e266d91dcfbffa0",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security-tracker.debian.org/tracker/CVE-2024-6409",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20240712-0003/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://sig-security.rocky.page/issues/CVE-2024-6409/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://ubuntu.com/security/CVE-2024-6409",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.suse.com/security/cve/CVE-2024-6409.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.openssh.com/",
               defaultStatus: "unaffected",
               packageName: "OpenSSH",
               repo: "https://anongit.mindrot.org/openssh.git",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
               ],
               defaultStatus: "affected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:8.7p1-38.el9_4.4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
               ],
               defaultStatus: "affected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:8.7p1-38.el9_4.4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:9.0::baseos",
                  "cpe:/a:redhat:rhel_e4s:9.0::appstream",
               ],
               defaultStatus: "affected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:8.7p1-12.el9_0.3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
                  "cpe:/o:redhat:rhel_eus:9.2::baseos",
               ],
               defaultStatus: "affected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:8.7p1-30.el9_2.7",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "413.92.202408122222-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el9",
                  "cpe:/a:redhat:openshift:4.14::el8",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "414.92.202407300859-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "415.92.202407301159-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "416.94.202407171205-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unaffected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "openssh",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Solar Designer (CIQ/Rocky Linux) for reporting this issue.",
            },
         ],
         datePublic: "2024-07-08T17:45:07+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-364",
                     description: "Signal Handler Race Condition",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-24T17:26:14.437Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:4457",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4457",
            },
            {
               name: "RHSA-2024:4613",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4613",
            },
            {
               name: "RHSA-2024:4716",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4716",
            },
            {
               name: "RHSA-2024:4910",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4910",
            },
            {
               name: "RHSA-2024:4955",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4955",
            },
            {
               name: "RHSA-2024:4960",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4960",
            },
            {
               name: "RHSA-2024:5444",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:5444",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-6409",
            },
            {
               name: "RHBZ#2295085",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295085",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-07-01T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-07-08T17:45:07+00:00",
               value: "Made public.",
            },
         ],
         title: "Openssh: possible remote code execution due to a race condition in signal handling affecting red hat enterprise linux 9",
         workarounds: [
            {
               lang: "en",
               value: "The process is identical to CVE-2024-6387, by disabling LoginGraceTime. See that CVE page for additional details.",
            },
         ],
         x_redhatCweChain: "CWE-364: Signal Handler Race Condition",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-6409",
      datePublished: "2024-07-08T17:57:10.517Z",
      dateReserved: "2024-06-28T18:10:24.954Z",
      dateUpdated: "2024-11-24T17:26:14.437Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-6538
Vulnerability from cvelistv5
Published
2024-11-25 06:15
Modified
2025-03-13 03:33
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
A flaw was found in OpenShift Console. A Server Side Request Forgery (SSRF) attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to clients due to network filtering. Leveraging such an attack vector, the attacker can have an impact on other services and potentially disclose information or have other nefarious effects on the system. The /api/dev-console/proxy/internet endpoint on the OpenShit Console allows authenticated users to have the console's pod perform arbitrary and fully controlled HTTP(s) requests. The full response to these requests is returned by the endpoint. While the name of this endpoint suggests the requests are only bound to the internet, no such checks are in place. An authenticated user can therefore ask the console to perform arbitrary HTTP requests from outside the cluster to a service inside the cluster.
References
https://access.redhat.com/security/cve/CVE-2024-6538vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2296057issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 6.0.0   
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-6538",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-25T17:03:56.020294Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-25T17:04:13.113Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift/console",
               defaultStatus: "unaffected",
               packageName: "openshift-console",
               versions: [
                  {
                     lessThan: "6.0.6",
                     status: "affected",
                     version: "6.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-11-21T10:12:45.222Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in OpenShift Console. A Server Side Request Forgery (SSRF) attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to clients due to network filtering. Leveraging such an attack vector, the attacker can have an impact on other services and potentially disclose information or have other nefarious effects on the system.\nThe /api/dev-console/proxy/internet endpoint on the OpenShit Console allows authenticated users to have the console's pod perform arbitrary and fully controlled HTTP(s) requests. The full response to these requests is returned by the endpoint.\nWhile the name of this endpoint suggests the requests are only bound to the internet, no such checks are in place. An authenticated user can therefore ask the console to perform arbitrary HTTP requests from outside the cluster to a service inside the cluster.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-918",
                     description: "Server-Side Request Forgery (SSRF)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-13T03:33:58.199Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-6538",
            },
            {
               name: "RHBZ#2296057",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2296057",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-07-05T21:12:38+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-11-21T10:12:45.222000+00:00",
               value: "Made public.",
            },
         ],
         title: "Openshift-console: openshift console:  server-side request forgery",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-918: Server-Side Request Forgery (SSRF)",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-6538",
      datePublished: "2024-11-25T06:15:12.697Z",
      dateReserved: "2024-07-05T21:14:03.063Z",
      dateUpdated: "2025-03-13T03:33:58.199Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-1118
Vulnerability from cvelistv5
Published
2025-02-19 17:54
Modified
2025-03-15 01:03
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory.
References
https://access.redhat.com/security/cve/CVE-2025-1118vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2346137issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-1118",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-03T17:23:06.868981Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-03T17:24:24.515Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "NONE",
                  baseScore: 4.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-501",
                     description: "Trust Boundary Violation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T01:03:48.648Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-1118",
            },
            {
               name: "RHBZ#2346137",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346137",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-17T17:26:24.670000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: commands/dump: the dump command is not in lockdown when secure boot is enabled",
         x_redhatCweChain: "CWE-501: Trust Boundary Violation",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-1118",
      datePublished: "2025-02-19T17:54:27.651Z",
      dateReserved: "2025-02-07T16:58:08.564Z",
      dateUpdated: "2025-03-15T01:03:48.648Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-0684
Vulnerability from cvelistv5
Published
2025-03-03 17:14
Modified
2025-03-04 16:14
Severity ?
6.4 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_reiserfs_read_symlink() will call grub_reiserfs_read_real() with a overflown length parameter, leading to a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub's internal critical data and can result in arbitrary code execution, by-passing secure boot protections.
References
https://access.redhat.com/security/cve/CVE-2025-0684vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2346119issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.12
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-0684",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-04T16:14:33.211120Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-04T16:14:41.428Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.gnu.org/software/grub/",
               defaultStatus: "unaffected",
               packageName: "grub2",
               versions: [
                  {
                     lessThanOrEqual: "2.12",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_reiserfs_read_symlink() will call grub_reiserfs_read_real() with a overflown length parameter, leading to a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub's internal critical data and can result in arbitrary code execution, by-passing secure boot protections.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-03T17:14:07.911Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-0684",
            },
            {
               name: "RHBZ#2346119",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346119",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-17T15:12:50.927000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: reiserfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-787: Out-of-bounds Write",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-0684",
      datePublished: "2025-03-03T17:14:07.911Z",
      dateReserved: "2025-01-23T19:05:34.260Z",
      dateUpdated: "2025-03-04T16:14:41.428Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-9341
Vulnerability from cvelistv5
Published
2024-10-01 18:52
Modified
2025-03-14 16:37
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Summary
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.
References
https://access.redhat.com/errata/RHSA-2024:10147vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10818vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7925vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8039vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8112vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8238vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8263vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8428vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8690vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8694vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8846vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9454vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9459vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9341vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2315691issue-tracking, x_refsource_REDHAT
https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L169
https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L349
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020241023085649.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:4.9.4-13.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.33.9-1.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:5.2.2-9.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.37.5-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 0:1.25.5-30.rhaos4.12.git53dc492.el8   < *
    cpe:/a:redhat:openshift:4.12::el9
    cpe:/a:redhat:openshift_ironic:4.12::el9
    cpe:/a:redhat:openshift:4.12::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 0:1.26.5-26.rhaos4.13.giteb3d487.el8   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:1.27.8-10.rhaos4.14.git807f92c.el9   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:1.28.11-5.rhaos4.15.git35a2431.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 0:1.29.9-5.rhaos4.16.git34690b9.el9   < *
    cpe:/a:redhat:openshift:4.16::el8
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202411201433-0   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 0:1.30.6-3.rhaos4.17.git49b5172.el8   < *
    cpe:/a:redhat:openshift:4.17::el9
    cpe:/a:redhat:openshift:4.17::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202412040832-0   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-9341",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-01T19:23:28.683055Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-01T19:23:37.158Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/containers/common",
               defaultStatus: "unaffected",
               packageName: "github.com/containers/common",
               versions: [
                  {
                     lessThan: "0.60.4",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8100020241023085649.afee755d",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:4.9.4-13.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.33.9-1.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:5.2.2-9.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.37.5-1.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el9",
                  "cpe:/a:redhat:openshift_ironic:4.12::el9",
                  "cpe:/a:redhat:openshift:4.12::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.25.5-30.rhaos4.12.git53dc492.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.26.5-26.rhaos4.13.giteb3d487.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el9",
                  "cpe:/a:redhat:openshift:4.14::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.27.8-10.rhaos4.14.git807f92c.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.28.11-5.rhaos4.15.git35a2431.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el8",
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.29.9-5.rhaos4.16.git34690b9.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "416.94.202411201433-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
                  "cpe:/a:redhat:openshift:4.17::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.30.6-3.rhaos4.17.git49b5172.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "417.94.202412040832-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Paul Holzinger for reporting this issue.",
            },
         ],
         datePublic: "2024-10-01T15:45:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-59",
                     description: "Improper Link Resolution Before File Access ('Link Following')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-14T16:37:18.925Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:10147",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10147",
            },
            {
               name: "RHSA-2024:10818",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10818",
            },
            {
               name: "RHSA-2024:7925",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:7925",
            },
            {
               name: "RHSA-2024:8039",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8039",
            },
            {
               name: "RHSA-2024:8112",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8112",
            },
            {
               name: "RHSA-2024:8238",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8238",
            },
            {
               name: "RHSA-2024:8263",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8263",
            },
            {
               name: "RHSA-2024:8428",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8428",
            },
            {
               name: "RHSA-2024:8690",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8690",
            },
            {
               name: "RHSA-2024:8694",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8694",
            },
            {
               name: "RHSA-2024:8846",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8846",
            },
            {
               name: "RHSA-2024:9454",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9454",
            },
            {
               name: "RHSA-2024:9459",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9459",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-9341",
            },
            {
               name: "RHBZ#2315691",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315691",
            },
            {
               url: "https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L169",
            },
            {
               url: "https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L349",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-09-30T15:18:57.587000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-10-01T15:45:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Podman: buildah: cri-o: fips crypto-policy directory mounting issue in containers/common go library",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-59: Improper Link Resolution Before File Access ('Link Following')",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-9341",
      datePublished: "2024-10-01T18:52:00.686Z",
      dateReserved: "2024-09-30T15:19:22.496Z",
      dateUpdated: "2025-03-14T16:37:18.925Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-0686
Vulnerability from cvelistv5
Published
2025-03-03 17:14
Modified
2025-03-04 16:12
Severity ?
6.4 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub's romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_romfs_read_symlink() may cause out-of-bounds writes when the calling grub_disk_read() function. This issue may be leveraged to corrupt grub's internal critical data and can result in arbitrary code execution by-passing secure boot protections.
References
https://access.redhat.com/security/cve/CVE-2025-0686vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2346121issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.12
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-0686",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-04T16:11:43.388154Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-04T16:12:08.515Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.gnu.org/software/grub/",
               defaultStatus: "unaffected",
               packageName: "grub2",
               versions: [
                  {
                     lessThanOrEqual: "2.12",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub's romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_romfs_read_symlink() may cause out-of-bounds writes when the calling grub_disk_read() function. This issue may be leveraged to corrupt grub's internal critical data and can result in arbitrary code execution by-passing secure boot protections.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-03T17:14:30.632Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-0686",
            },
            {
               name: "RHBZ#2346121",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346121",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-17T15:30:22.191000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: romfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading dat",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-787: Out-of-bounds Write",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-0686",
      datePublished: "2025-03-03T17:14:30.632Z",
      dateReserved: "2025-01-23T19:13:28.900Z",
      dateUpdated: "2025-03-04T16:12:08.515Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-0874
Vulnerability from cvelistv5
Published
2024-04-25 16:22
Modified
2025-03-20 02:44
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
References
https://access.redhat.com/errata/RHSA-2024:0041vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4850vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6009vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6406vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-0874vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2219234issue-tracking, x_refsource_REDHAT
https://github.com/coredns/coredns/issues/6186
https://github.com/coredns/coredns/pull/6354
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: v4.13.0-202408260940.p0.ge70f097.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202408260910.p0.gfdd6037.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202407230407.p0.g1326282.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202406131906.p0.g04d84f7.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Logging Subsystem for Red Hat OpenShift     cpe:/a:redhat:logging:5
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-0874",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-13T20:18:31.995445Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-13T20:18:37.906Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T18:18:18.998Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:0041",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:0041",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-0874",
               },
               {
                  name: "RHBZ#2219234",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219234",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/coredns/coredns/issues/6186",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/coredns/coredns/pull/6354",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/coredns/coredns",
               defaultStatus: "unaffected",
               packageName: "coredns",
               versions: [
                  {
                     lessThan: "1.11.2",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-coredns",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.13.0-202408260940.p0.ge70f097.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-coredns",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202408260910.p0.gfdd6037.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el8",
                  "cpe:/a:redhat:openshift:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-coredns-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202407230407.p0.g1326282.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-coredns-rhel9",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-202406131906.p0.g04d84f7.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:logging:5",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-logging/logging-loki-rhel8",
               product: "Logging Subsystem for Red Hat OpenShift",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:acm:2",
               ],
               defaultStatus: "affected",
               packageName: "rhacm2/lighthouse-agent-rhel9",
               product: "Red Hat Advanced Cluster Management for Kubernetes 2",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by Petr Mensik (Red Hat).",
            },
         ],
         datePublic: "2023-07-03T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-524",
                     description: "Use of Cache Containing Sensitive Information",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-20T02:44:49.516Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:0041",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:0041",
            },
            {
               name: "RHSA-2024:4850",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4850",
            },
            {
               name: "RHSA-2024:6009",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6009",
            },
            {
               name: "RHSA-2024:6406",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6406",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-0874",
            },
            {
               name: "RHBZ#2219234",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219234",
            },
            {
               url: "https://github.com/coredns/coredns/issues/6186",
            },
            {
               url: "https://github.com/coredns/coredns/pull/6354",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2023-07-03T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2023-07-03T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Coredns: cd bit response is cached and served later",
         x_redhatCweChain: "CWE-524: Use of Cache Containing Sensitive Information",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-0874",
      datePublished: "2024-04-25T16:22:44.182Z",
      dateReserved: "2024-01-24T23:42:08.424Z",
      dateUpdated: "2025-03-20T02:44:49.516Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-6501
Vulnerability from cvelistv5
Published
2024-07-09 19:27
Modified
2024-12-31 03:10
Severity ?
3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
Summary
A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service.
References
https://access.redhat.com/errata/RHSA-2024:9317vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6501vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2295734issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 1.40   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:1.48.10-2.el9_5   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:1.48.10-2.el9_5   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-6501",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-10T20:36:57.290190Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-10T20:37:06.892Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T21:41:03.482Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-6501",
               },
               {
                  name: "RHBZ#2295734",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295734",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/NetworkManager/NetworkManager",
               defaultStatus: "unaffected",
               packageName: "NetworkManager",
               versions: [
                  {
                     lessThan: "1.48.10-2",
                     status: "affected",
                     version: "1.40",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
                  "cpe:/a:redhat:enterprise_linux:9::crb",
               ],
               defaultStatus: "affected",
               packageName: "NetworkManager",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.48.10-2.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
                  "cpe:/a:redhat:enterprise_linux:9::crb",
               ],
               defaultStatus: "affected",
               packageName: "NetworkManager",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:1.48.10-2.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unaffected",
               packageName: "NetworkManager",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "NetworkManager",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "NetworkManager",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "NetworkManager",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-07-04T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Low",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 3.1,
                  baseSeverity: "LOW",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "Uncontrolled Resource Consumption",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-12-31T03:10:09.533Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:9317",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9317",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-6501",
            },
            {
               name: "RHBZ#2295734",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295734",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-07-04T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-07-04T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Networkmanager: denial of service",
         x_redhatCweChain: "CWE-400: Uncontrolled Resource Consumption",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-6501",
      datePublished: "2024-07-09T19:27:11.133Z",
      dateReserved: "2024-07-04T05:13:32.680Z",
      dateUpdated: "2024-12-31T03:10:09.533Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-0677
Vulnerability from cvelistv5
Published
2025-02-19 18:23
Modified
2025-03-15 01:03
Severity ?
6.4 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size has overflown. When this occurs, grub_malloc() may be called with a smaller value than needed. When further reading the data from the disk into the buffer, the grub_ufs_lookup_symlink() function will write past the end of the allocated size. An attack can leverage this by crafting a malicious filesystem, and as a result, it will corrupt data stored in the heap, allowing for arbitrary code execution used to by-pass secure boot mechanisms.
References
https://access.redhat.com/security/cve/CVE-2025-0677vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2346116issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-0677",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-19T18:39:38.906939Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-19T18:39:50.525Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size has overflown. When this occurs, grub_malloc() may be called with a smaller value than needed. When further reading the data from the disk into the buffer, the grub_ufs_lookup_symlink() function will write past the end of the allocated size. An attack can leverage this by crafting a malicious filesystem, and as a result, it will corrupt data stored in the heap, allowing for arbitrary code execution used to by-pass secure boot mechanisms.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T01:03:32.287Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-0677",
            },
            {
               name: "RHBZ#2346116",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346116",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-17T15:04:39.393000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: ufs: integer overflow may lead to heap based out-of-bounds write when handling symlinks",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-787: Out-of-bounds Write",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-0677",
      datePublished: "2025-02-19T18:23:53.496Z",
      dateReserved: "2025-01-23T16:24:18.046Z",
      dateUpdated: "2025-03-15T01:03:32.287Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-1342
Vulnerability from cvelistv5

Unable to reproduce.

Show details on NVD website

To clipboard 

{
   containers: {
      cna: {
         providerMetadata: {
            dateUpdated: "2024-10-14T22:00:07.768Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         rejectedReasons: [
            {
               lang: "en",
               value: "Unable to reproduce.",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-1342",
      datePublished: "2024-02-16T15:20:53.354Z",
      dateRejected: "2024-10-14T22:00:07.768Z",
      dateReserved: "2024-02-07T22:26:19.404Z",
      dateUpdated: "2024-10-14T22:00:07.768Z",
      state: "REJECTED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-12088
Vulnerability from cvelistv5
Published
2025-01-14 17:38
Modified
2025-03-15 00:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Summary
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
References
https://access.redhat.com/errata/RHSA-2025:2600vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-12088vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2330676issue-tracking, x_refsource_REDHAT
https://kb.cert.org/vuls/id/952657
Impacted products
Vendor Product Version
Version: 0    3.3.0
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.1.3-21.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-12088",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-26T14:13:08.347346Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-26T14:13:22.355Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            references: [
               {
                  tags: [
                     "exploit",
                  ],
                  url: "https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj",
               },
            ],
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/RsyncProject/rsync",
               defaultStatus: "unaffected",
               packageName: "rsync",
               versions: [
                  {
                     lessThanOrEqual: "3.3.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::baseos",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:3.1.3-21.el8_10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unknown",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Jasiel Spelman (Google), Pedro Gallegos (Google), and Simon Scannell (Google) for reporting this issue.",
            },
         ],
         datePublic: "2025-01-14T15:06:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-35",
                     description: "Path Traversal: '.../...//'",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T00:15:03.570Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2025:2600",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2600",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-12088",
            },
            {
               name: "RHBZ#2330676",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2330676",
            },
            {
               url: "https://kb.cert.org/vuls/id/952657",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-12-05T21:55:22.700000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-01-14T15:06:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Rsync: --safe-links option bypass leads to path traversal",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-35: Path Traversal: '.../...//'",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-12088",
      datePublished: "2025-01-14T17:38:34.890Z",
      dateReserved: "2024-12-03T08:58:08.307Z",
      dateUpdated: "2025-03-15T00:15:03.570Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-6476
Vulnerability from cvelistv5
Published
2024-01-09 21:32
Modified
2024-11-24 11:54
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/cpu, circumventing the kubernetes scheduler and potentially resulting in a denial of service in the node.
References
https://access.redhat.com/errata/RHSA-2024:0195vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0207vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-6476vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2253994issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 0:1.26.4-6.1.rhaos4.13.git9eb9cf3.el9   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:1.27.2-7.rhaos4.14.git1cc7a64.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T08:28:21.863Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:0195",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:0195",
               },
               {
                  name: "RHSA-2024:0207",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:0207",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2023-6476",
               },
               {
                  name: "RHBZ#2253994",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2253994",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el8",
                  "cpe:/a:redhat:openshift:4.13::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.26.4-6.1.rhaos4.13.git9eb9cf3.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.27.2-7.rhaos4.14.git1cc7a64.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unknown",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-01-09T21:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/cpu, circumventing the kubernetes scheduler and potentially resulting in a denial of service in the node.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-770",
                     description: "Allocation of Resources Without Limits or Throttling",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-24T11:54:48.596Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:0195",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:0195",
            },
            {
               name: "RHSA-2024:0207",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:0207",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2023-6476",
            },
            {
               name: "RHBZ#2253994",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2253994",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2023-12-11T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-01-09T21:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Cri-o: pods are able to break out of resource confinement on cgroupv2",
         x_redhatCweChain: "CWE-770: Allocation of Resources Without Limits or Throttling",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2023-6476",
      datePublished: "2024-01-09T21:32:03.407Z",
      dateReserved: "2023-12-04T06:23:22.231Z",
      dateUpdated: "2024-11-24T11:54:48.596Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-6596
Vulnerability from cvelistv5
Published
2024-04-25 16:00
Modified
2025-01-06 22:01
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability for an OpenShift Containers.
References
https://access.redhat.com/errata/RHSA-2024:0485vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0682vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-6596vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2253521issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 4.12.0   
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.11 Unaffected: v4.11.0-202401301508.p0.g5ea0428.assembly.stream   < *
    cpe:/a:redhat:openshift:4.11::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: v4.12.0-202401190520.p0.g4b287bd.assembly.stream   < *
    cpe:/a:redhat:openshift:4.12::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-6596",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-17T14:09:02.835764Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-17T14:09:16.831Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T08:35:14.913Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:0485",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:0485",
               },
               {
                  name: "RHSA-2024:0682",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:0682",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2023-6596",
               },
               {
                  name: "RHBZ#2253521",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2253521",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift",
               defaultStatus: "unaffected",
               packageName: "openshift",
               versions: [
                  {
                     lessThan: "4.11.58",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "4.12.48",
                     status: "affected",
                     version: "4.12.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.11::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-operator-lifecycle-manager",
               product: "Red Hat OpenShift Container Platform 4.11",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.11.0-202401301508.p0.g5ea0428.assembly.stream",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.12::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-operator-lifecycle-manager",
               product: "Red Hat OpenShift Container Platform 4.12",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.12.0-202401190520.p0.g4b287bd.assembly.stream",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift4/ose-olm-rukpak-rhel8",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-01-04T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability for an OpenShift Containers.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "Uncontrolled Resource Consumption",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-01-06T22:01:20.326Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:0485",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:0485",
            },
            {
               name: "RHSA-2024:0682",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:0682",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2023-6596",
            },
            {
               name: "RHBZ#2253521",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2253521",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2023-12-07T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-01-04T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Openshift: incomplete fix for rapid reset (cve-2023-44487/cve-2023-39325)",
         x_redhatCweChain: "CWE-400: Uncontrolled Resource Consumption",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2023-6596",
      datePublished: "2024-04-25T16:00:24.215Z",
      dateReserved: "2023-12-07T20:41:47.625Z",
      dateUpdated: "2025-01-06T22:01:20.326Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-0624
Vulnerability from cvelistv5
Published
2025-02-19 18:23
Modified
2025-03-27 22:08
Severity ?
7.6 (High) - CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections.
References
https://access.redhat.com/errata/RHSA-2025:2521vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2653vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2655vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2675vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2784vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2799vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2867vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2869vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3367vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2346112issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 8 Unaffected: 1:2.02-162.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 1:2.02-87.el8_2.13   < *
    cpe:/o:redhat:rhel_aus:8.2::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 1:2.02-99.el8_4.12   < *
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 1:2.02-99.el8_4.12   < *
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 1:2.02-99.el8_4.12   < *
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 1:2.02-123.el8_6.18   < *
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 1:2.02-123.el8_6.18   < *
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 1:2.02-123.el8_6.18   < *
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 1:2.02-152.el8_8.2   < *
    cpe:/o:redhat:rhel_eus:8.8::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:2.06-94.el9_5   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 1:2.06-27.el9_0.22   < *
    cpe:/o:redhat:rhel_e4s:9.0::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 1:2.06-61.el9_2.10   < *
    cpe:/o:redhat:rhel_eus:9.2::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 1:2.06-86.el9_4.2   < *
    cpe:/o:redhat:rhel_eus:9.4::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-0624",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-19T18:39:10.861038Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-19T18:39:29.836Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::baseos",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:2.02-162.el8_10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_aus:8.2::baseos",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8.2 Advanced Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:2.02-87.el8_2.13",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                  "cpe:/o:redhat:rhel_aus:8.4::baseos",
                  "cpe:/o:redhat:rhel_tus:8.4::baseos",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:2.02-99.el8_4.12",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                  "cpe:/o:redhat:rhel_aus:8.4::baseos",
                  "cpe:/o:redhat:rhel_tus:8.4::baseos",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:2.02-99.el8_4.12",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                  "cpe:/o:redhat:rhel_aus:8.4::baseos",
                  "cpe:/o:redhat:rhel_tus:8.4::baseos",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:2.02-99.el8_4.12",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                  "cpe:/o:redhat:rhel_aus:8.6::baseos",
                  "cpe:/o:redhat:rhel_tus:8.6::baseos",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:2.02-123.el8_6.18",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                  "cpe:/o:redhat:rhel_aus:8.6::baseos",
                  "cpe:/o:redhat:rhel_tus:8.6::baseos",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:2.02-123.el8_6.18",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                  "cpe:/o:redhat:rhel_aus:8.6::baseos",
                  "cpe:/o:redhat:rhel_tus:8.6::baseos",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:2.02-123.el8_6.18",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_eus:8.8::baseos",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8.8 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:2.02-152.el8_8.2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:2.06-94.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_e4s:9.0::baseos",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:2.06-27.el9_0.22",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_eus:9.2::baseos",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:2.06-61.el9_2.10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:rhel_eus:9.4::baseos",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9.4 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1:2.06-86.el9_4.2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-27T22:08:46.706Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2025:2521",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2521",
            },
            {
               name: "RHSA-2025:2653",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2653",
            },
            {
               name: "RHSA-2025:2655",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2655",
            },
            {
               name: "RHSA-2025:2675",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2675",
            },
            {
               name: "RHSA-2025:2784",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2784",
            },
            {
               name: "RHSA-2025:2799",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2799",
            },
            {
               name: "RHSA-2025:2867",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2867",
            },
            {
               name: "RHSA-2025:2869",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:2869",
            },
            {
               name: "RHSA-2025:3367",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:3367",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-0624",
            },
            {
               name: "RHBZ#2346112",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346112",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-17T14:35:38.127000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: net: out-of-bounds write in grub_net_search_config_file()",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-787: Out-of-bounds Write",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-0624",
      datePublished: "2025-02-19T18:23:21.463Z",
      dateReserved: "2025-01-21T16:49:51.381Z",
      dateUpdated: "2025-03-27T22:08:46.706Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-45775
Vulnerability from cvelistv5
Published
2025-02-18 19:25
Modified
2025-03-15 00:16
Severity ?
5.2 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
Summary
A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parse_option() function, leading grub to crash or, in some rare scenarios, corrupt the IVT data.
References
https://access.redhat.com/security/cve/CVE-2024-45775vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2337481issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-45775",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-19T14:42:30.676203Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-19T15:15:35.702Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-01-28T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parse_option() function, leading grub to crash or, in some rare scenarios, corrupt the IVT data.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 5.2,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-252",
                     description: "Unchecked Return Value",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-15T00:16:41.672Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-45775",
            },
            {
               name: "RHBZ#2337481",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2337481",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-01-13T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-01-28T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: commands/extcmd: missing check for failed allocation",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-252: Unchecked Return Value",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-45775",
      datePublished: "2025-02-18T19:25:40.364Z",
      dateReserved: "2024-09-08T01:57:12.947Z",
      dateUpdated: "2025-03-15T00:16:41.672Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2025-0650
Vulnerability from cvelistv5
Published
2025-01-23 16:34
Modified
2025-03-19 10:58
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.
References
https://access.redhat.com/errata/RHSA-2025:1083vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1084vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1085vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1086vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1087vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1088vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1089vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1090vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1091vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1092vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1093vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1094vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1095vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1096vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1097vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0650vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2339537issue-tracking, x_refsource_REDHAT
https://www.openwall.com/lists/oss-security/2025/01/22/5
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:22.03.7-11.el8fdp   < *
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:22.06.0-273.el8fdp   < *
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:22.09.2-86.el8fdp   < *
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:22.12.1-107.el8fdp   < *
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:23.03.3-22.el8fdp   < *
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:23.06.4-26.el8fdp   < *
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:22.03.7-11.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:22.06.0-273.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:22.09.2-86.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:22.12.1-107.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:23.03.3-22.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:23.06.4-26.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:23.09.6-12.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:24.03.4-53.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:24.09.1-66.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2025-01-23T18:03:31.666Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "http://www.openwall.com/lists/oss-security/2025/01/22/11",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-0650",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-01-23T17:00:24.397376Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-12T20:41:29.401Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/ovn-org/ovn",
               defaultStatus: "unknown",
               packageName: "ovn",
               versions: [
                  {
                     status: "unaffected",
                     version: "22.03.8",
                     versionType: "semver",
                  },
                  {
                     status: "unaffected",
                     version: "24.03.5",
                     versionType: "semver",
                  },
                  {
                     status: "unaffected",
                     version: "24.09.2",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.03",
               product: "Fast Datapath for Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:22.03.7-11.el8fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.06",
               product: "Fast Datapath for Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:22.06.0-273.el8fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.09",
               product: "Fast Datapath for Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:22.09.2-86.el8fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.12",
               product: "Fast Datapath for Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:22.12.1-107.el8fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn23.03",
               product: "Fast Datapath for Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:23.03.3-22.el8fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn23.06",
               product: "Fast Datapath for Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:23.06.4-26.el8fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.03",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:22.03.7-11.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.06",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:22.06.0-273.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.09",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:22.09.2-86.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn22.12",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:22.12.1-107.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn23.03",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:23.03.3-22.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn23.06",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:23.06.4-26.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn23.09",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:23.09.6-12.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn24.03",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:24.03.4-53.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "affected",
               packageName: "ovn24.09",
               product: "Fast Datapath for Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:24.09.1-66.el9fdp",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unknown",
               packageName: "ovn22.06",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unknown",
               packageName: "ovn22.09",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unknown",
               packageName: "ovn22.12",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unknown",
               packageName: "ovn23.03",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "ovn23.06",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "ovn23.09",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "ovn24.03",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "ovn24.09",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-01-21T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-284",
                     description: "Improper Access Control",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-19T10:58:47.225Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2025:1083",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1083",
            },
            {
               name: "RHSA-2025:1084",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1084",
            },
            {
               name: "RHSA-2025:1085",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1085",
            },
            {
               name: "RHSA-2025:1086",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1086",
            },
            {
               name: "RHSA-2025:1087",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1087",
            },
            {
               name: "RHSA-2025:1088",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1088",
            },
            {
               name: "RHSA-2025:1089",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1089",
            },
            {
               name: "RHSA-2025:1090",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1090",
            },
            {
               name: "RHSA-2025:1091",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1091",
            },
            {
               name: "RHSA-2025:1092",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1092",
            },
            {
               name: "RHSA-2025:1093",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1093",
            },
            {
               name: "RHSA-2025:1094",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1094",
            },
            {
               name: "RHSA-2025:1095",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1095",
            },
            {
               name: "RHSA-2025:1096",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1096",
            },
            {
               name: "RHSA-2025:1097",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:1097",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2025-0650",
            },
            {
               name: "RHBZ#2339537",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2339537",
            },
            {
               url: "https://www.openwall.com/lists/oss-security/2025/01/22/5",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-01-22T15:45:40.119000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-01-21T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Ovn: egress acls may be bypassed via specially crafted udp packet",
         workarounds: [
            {
               lang: "en",
               value: "Red Hat Product Security has not identified any mitigations at this time. We recommend updating to a known patched version of OVN.",
            },
         ],
         x_redhatCweChain: "CWE-284: Improper Access Control",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2025-0650",
      datePublished: "2025-01-23T16:34:31.390Z",
      dateReserved: "2025-01-22T15:37:30.389Z",
      dateUpdated: "2025-03-19T10:58:47.225Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-11614
Vulnerability from cvelistv5
Published
2024-12-18 08:30
Modified
2025-02-26 11:56
Severity ?
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset.
References
https://access.redhat.com/errata/RHSA-2025:0208vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0209vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0210vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0211vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0220vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0221vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0222vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-11614vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2327955issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 21.05   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:23.11-2.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:21.11-3.el8_6   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:21.11-3.el8_6   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:21.11-3.el8_6   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:21.11-4.el8_8   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:23.11-2.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 2:21.11-3.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 2:22.11-4.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 2:23.11-2.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-12-18T09:03:01.520Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "http://www.openwall.com/lists/oss-security/2024/12/17/3",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-11614",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-12-18T14:47:13.057559Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-12-18T14:48:14.956Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://git.dpdk.org/dpdk-stable/",
               defaultStatus: "unaffected",
               packageName: "dpdk",
               versions: [
                  {
                     lessThan: "21.11-4",
                     status: "affected",
                     version: "21.05",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::crb",
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "dpdk",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:23.11-2.el8_10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_e4s:8.6::appstream",
                  "cpe:/a:redhat:rhel_aus:8.6::appstream",
                  "cpe:/a:redhat:rhel_tus:8.6::appstream",
               ],
               defaultStatus: "affected",
               packageName: "dpdk",
               product: "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:21.11-3.el8_6",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_e4s:8.6::appstream",
                  "cpe:/a:redhat:rhel_aus:8.6::appstream",
                  "cpe:/a:redhat:rhel_tus:8.6::appstream",
               ],
               defaultStatus: "affected",
               packageName: "dpdk",
               product: "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:21.11-3.el8_6",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_e4s:8.6::appstream",
                  "cpe:/a:redhat:rhel_aus:8.6::appstream",
                  "cpe:/a:redhat:rhel_tus:8.6::appstream",
               ],
               defaultStatus: "affected",
               packageName: "dpdk",
               product: "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:21.11-3.el8_6",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:8.8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "dpdk",
               product: "Red Hat Enterprise Linux 8.8 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:21.11-4.el8_8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "dpdk",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:23.11-2.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_e4s:9.0::appstream",
               ],
               defaultStatus: "affected",
               packageName: "dpdk",
               product: "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:21.11-3.el9_0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.2::appstream",
               ],
               defaultStatus: "affected",
               packageName: "dpdk",
               product: "Red Hat Enterprise Linux 9.2 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:22.11-4.el9_2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream",
               ],
               defaultStatus: "affected",
               packageName: "dpdk",
               product: "Red Hat Enterprise Linux 9.4 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:23.11-2.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "dpdk",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch2.10",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch2.11",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch2.12",
               product: "Fast Datapath for RHEL 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch2.11",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch2.12",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch2.13",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch2.15",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch2.16",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch2.17",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch3.1",
               product: "Fast Datapath for RHEL 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch2.17",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch3.0",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch3.1",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch3.2",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch3.3",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::fastdatapath",
               ],
               defaultStatus: "unaffected",
               packageName: "openvswitch3.4",
               product: "Fast Datapath for RHEL 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch2.17",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch3.0",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openvswitch3.1",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-12-17T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-125",
                     description: "Out-of-bounds Read",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-02-26T11:56:36.361Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2025:0208",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0208",
            },
            {
               name: "RHSA-2025:0209",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0209",
            },
            {
               name: "RHSA-2025:0210",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0210",
            },
            {
               name: "RHSA-2025:0211",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0211",
            },
            {
               name: "RHSA-2025:0220",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0220",
            },
            {
               name: "RHSA-2025:0221",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0221",
            },
            {
               name: "RHSA-2025:0222",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2025:0222",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-11614",
            },
            {
               name: "RHBZ#2327955",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2327955",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-11-22T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-12-17T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library",
         x_redhatCweChain: "CWE-125: Out-of-bounds Read",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-11614",
      datePublished: "2024-12-18T08:30:49.729Z",
      dateReserved: "2024-11-22T04:21:45.124Z",
      dateUpdated: "2025-02-26T11:56:36.361Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-12084
Vulnerability from cvelistv5
Published
2025-01-15 14:16
Modified
2025-02-27 04:55
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.
References
https://access.redhat.com/security/cve/CVE-2024-12084vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2330527issue-tracking, x_refsource_REDHAT
https://kb.cert.org/vuls/id/952657
Impacted products
Vendor Product Version
Version: 3.2.7
Version: 3.3.0
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-12084",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-26T00:00:00+00:00",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-27T04:55:11.854Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            references: [
               {
                  tags: [
                     "exploit",
                  ],
                  url: "https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj",
               },
            ],
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2025-01-15T15:02:44.467Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "http://www.openwall.com/lists/oss-security/2025/01/14/6",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/RsyncProject/rsync",
               defaultStatus: "unaffected",
               packageName: "rsync",
               versions: [
                  {
                     status: "affected",
                     version: "3.2.7",
                  },
                  {
                     status: "affected",
                     version: "3.3.0",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unaffected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "rsync",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Red Hat would like to thank Jasiel Spelman (Google), Pedro Gallegos (Google), and Simon Scannell (Google) for reporting this issue.",
            },
         ],
         datePublic: "2025-01-14T15:06:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Critical",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-122",
                     description: "Heap-based Buffer Overflow",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-01-16T18:32:19.776Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-12084",
            },
            {
               name: "RHBZ#2330527",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2330527",
            },
            {
               url: "https://kb.cert.org/vuls/id/952657",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-12-05T09:32:44.653000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-01-14T15:06:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Rsync: heap buffer overflow in rsync due to improper checksum length handling",
         workarounds: [
            {
               lang: "en",
               value: "Red Hat recommends filtering untrusted connections to Rsync via firewall rules on the host and on network firewall appliances.\n\nAdditionally, systems which only need to provide remote Rsync access to users with known identities can enable authentication using the ```auth users``` parameter in their rsyncd configuration file (rsyncd.conf). \n\nSystems that provide anonymous read access to hosted files via Rsync, such as mirror hosts, do not have reasonable mitigation options available. We strongly urge operators using vulnerable versions of Rsync to update as soon as possible.",
            },
         ],
         x_redhatCweChain: "CWE-122: Heap-based Buffer Overflow",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-12084",
      datePublished: "2025-01-15T14:16:35.363Z",
      dateReserved: "2024-12-03T08:57:42.580Z",
      dateUpdated: "2025-02-27T04:55:11.854Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-1725
Vulnerability from cvelistv5
Published
2024-03-07 20:09
Modified
2025-03-26 04:52
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane (HCP). This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node.
References
https://access.redhat.com/errata/RHSA-2024:1559vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1891vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2047vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-1725vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2265398issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: v4.13.0-202404200313.p0.g9d909f7.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202404161544.p0.g48fafc4.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202403220332.p0.gd3bdbce.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T18:48:21.831Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:1559",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1559",
               },
               {
                  name: "RHSA-2024:1891",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:1891",
               },
               {
                  name: "RHSA-2024:2047",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:2047",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-1725",
               },
               {
                  name: "RHBZ#2265398",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265398",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-1725",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-03-12T18:08:26.582074Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-12T20:40:55.445Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/openshift/kubevirt-csi-driver/",
               packageName: "kubevirt-csi-driver",
               repo: "https://github.com/openshift/kubevirt-csi-driver/",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "a61f36c42700f54352919318ed806d1ae2d716f4",
                     versionType: "git",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/kubevirt-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.13.0-202404200313.p0.g9d909f7.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el9",
                  "cpe:/a:redhat:openshift:4.14::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/kubevirt-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202404161544.p0.g48fafc4.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/kubevirt-csi-driver-rhel8",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202403220332.p0.gd3bdbce.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
         ],
         datePublic: "2024-03-06T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane (HCP). This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-501",
                     description: "Trust Boundary Violation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-26T04:52:26.156Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:1559",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1559",
            },
            {
               name: "RHSA-2024:1891",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:1891",
            },
            {
               name: "RHSA-2024:2047",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:2047",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-1725",
            },
            {
               name: "RHBZ#2265398",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265398",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-02-19T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-03-06T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Kubevirt-csi: persistentvolume allows access to hcp's root node",
         x_redhatCweChain: "CWE-501: Trust Boundary Violation",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-1725",
      datePublished: "2024-03-07T20:09:11.616Z",
      dateReserved: "2024-02-21T20:27:59.807Z",
      dateUpdated: "2025-03-26T04:52:26.156Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-3089
Vulnerability from cvelistv5
Published
2023-07-05 12:21
Modified
2024-10-24 19:13
Severity ?
7.0 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
Summary
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
References
https://access.redhat.com/security/cve/CVE-2023-3089vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2212085issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a openshift
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
   Red Hat OpenShift Service Mesh 2.2.x     cpe:/a:redhat:service_mesh:2.2
 Create a notification for this product.
   Red Hat OpenShift Service Mesh 2.3.x     cpe:/a:redhat:service_mesh:2.3
 Create a notification for this product.
   Red Hat OpenShift Service Mesh 2.4     cpe:/a:redhat:service_mesh:2.4
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
   Red Hat Red Hat JBoss A-MQ Streams     cpe:/a:redhat:amq_streams:1
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
 Create a notification for this product.
   Red Hat Red Hat Openshift sandboxed containers     cpe:/a:redhat:openshift_sandboxed_containers:1
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T06:41:04.166Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2023-3089",
               },
               {
                  name: "RHBZ#2212085",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2212085",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-3089",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-24T19:12:21.482201Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-24T19:13:59.907Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "openshift",
               vendor: "n/a",
               versions: [
                  {
                     status: "unaffected",
                     version: "4.12.0",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:serverless:1",
               ],
               defaultStatus: "affected",
               packageName: "(as-yet-unknown)",
               product: "OpenShift Serverless",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:service_mesh:2.2",
               ],
               defaultStatus: "affected",
               packageName: "(as-yet-unknown)",
               product: "OpenShift Service Mesh 2.2.x",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:service_mesh:2.3",
               ],
               defaultStatus: "affected",
               packageName: "(as-yet-unknown)",
               product: "OpenShift Service Mesh 2.3.x",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:service_mesh:2.4",
               ],
               defaultStatus: "affected",
               packageName: "(as-yet-unknown)",
               product: "OpenShift Service Mesh 2.4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:acm:2",
               ],
               defaultStatus: "affected",
               packageName: "(as-yet-unknown)",
               product: "Red Hat Advanced Cluster Management for Kubernetes 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
               cpes: [
                  "cpe:/a:redhat:amq_streams:1",
               ],
               defaultStatus: "affected",
               packageName: "(as-yet-unknown)",
               product: "Red Hat JBoss A-MQ Streams",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift-ansible",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift-golang-builder-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_data_foundation:4",
               ],
               defaultStatus: "affected",
               packageName: "(as-yet-unknown)",
               product: "Red Hat Openshift Data Foundation 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_sandboxed_containers:1",
               ],
               defaultStatus: "affected",
               packageName: "(as-yet-unknown)",
               product: "Red Hat Openshift sandboxed containers",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "(as-yet-unknown)",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by David Benoit (Red Hat).",
            },
         ],
         datePublic: "2023-07-05T12:00:00Z",
         descriptions: [
            {
               lang: "en",
               value: "A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 7,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-693",
                     description: "Protection Mechanism Failure",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-07-05T12:21:03.036Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2023-3089",
            },
            {
               name: "RHBZ#2212085",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2212085",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2023-06-03T00:00:00Z",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2023-07-05T12:00:00Z",
               value: "Made public.",
            },
         ],
         title: "Ocp & fips mode",
         workarounds: [
            {
               lang: "en",
               value: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected packages as soon as possible.",
            },
         ],
         x_redhatCweChain: "CWE-166->CWE-693: Improper Handling of Missing Special Element leads to Protection Mechanism Failure",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2023-3089",
      datePublished: "2023-07-05T12:21:03.036Z",
      dateReserved: "2023-06-03T17:29:23.874Z",
      dateUpdated: "2024-10-24T19:13:59.907Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-45779
Vulnerability from cvelistv5
Published
2025-03-03 14:25
Modified
2025-03-25 04:57
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
Summary
An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash.
References
https://access.redhat.com/security/cve/CVE-2024-45779vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345854issue-tracking, x_refsource_REDHAT
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
Impacted products
Vendor Product Version
Version: 0    2.12
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-45779",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-03T15:05:17.399405Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-03T15:05:35.269Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://www.gnu.org/software/grub/",
               defaultStatus: "unaffected",
               packageName: "grub2",
               versions: [
                  {
                     lessThanOrEqual: "2.12",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "grub2",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2025-02-18T18:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-190",
                     description: "Integer Overflow or Wraparound",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-25T04:57:55.572Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-45779",
            },
            {
               name: "RHBZ#2345854",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345854",
            },
            {
               url: "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2025-02-14T21:10:30.586000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2025-02-18T18:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Grub2: fs/bfs: integer overflow leads to heap oob read in the bfs parser",
         workarounds: [
            {
               lang: "en",
               value: "Do not run grub2 in an untrusted environment, specifically with a BFS file system image.",
            },
         ],
         x_redhatCweChain: "CWE-190: Integer Overflow or Wraparound",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-45779",
      datePublished: "2025-03-03T14:25:22.453Z",
      dateReserved: "2024-09-08T01:57:12.948Z",
      dateUpdated: "2025-03-25T04:57:55.572Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-43168
Vulnerability from cvelistv5
Published
2024-08-08 20:25
Modified
2024-10-21 11:20
Severity ?
4.8 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Summary
DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet Labs has no further information about the claim, and suggests that affected Red Hat customers refer to available Red Hat documentation or support channels. ORIGINAL DESCRIPTION: A heap-buffer-overflow flaw was found in the cfg_mark_ports function within Unbound's config_file.c, which can lead to memory corruption. This issue could allow an attacker with local access to provide specially crafted input, potentially causing the application to crash or allowing arbitrary code execution. This could result in a denial of service or unauthorized actions on the system.
References
https://access.redhat.com/security/cve/CVE-2024-43168vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2303462issue-tracking, x_refsource_REDHAT
https://github.com/NLnetLabs/unbound/issues/1039
https://github.com/NLnetLabs/unbound/pull/1040/files
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-43168",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-09T19:19:04.877683Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-09T19:19:13.973Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unknown",
               packageName: "unbound",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "unbound",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "unbound",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "unbound",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.2",
               ],
               defaultStatus: "affected",
               packageName: "openstack-unbound-container",
               product: "Red Hat OpenStack Platform 16.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openstack:17.1",
               ],
               defaultStatus: "affected",
               packageName: "openstack-unbound-container",
               product: "Red Hat OpenStack Platform 17.1",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openstack:18.0",
               ],
               defaultStatus: "affected",
               packageName: "designate-operator-bundle-container",
               product: "Red Hat OpenStack Platform 18.0",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openstack:18.0",
               ],
               defaultStatus: "affected",
               packageName: "designate-operator-container",
               product: "Red Hat OpenStack Platform 18.0",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openstack:18.0",
               ],
               defaultStatus: "affected",
               packageName: "openstack-unbound-container",
               product: "Red Hat OpenStack Platform 18.0",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-08-07T02:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet Labs has no further information about the claim, and suggests that affected Red Hat customers refer to available Red Hat documentation or support channels. ORIGINAL DESCRIPTION: A heap-buffer-overflow flaw was found in the cfg_mark_ports function within Unbound's config_file.c, which can lead to memory corruption. This issue could allow an attacker with local access to provide specially crafted input, potentially causing the application to crash or allowing arbitrary code execution. This could result in a denial of service or unauthorized actions on the system.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Low",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "LOW",
                  baseScore: 4.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-122",
                     description: "Heap-based Buffer Overflow",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-21T11:20:27.316Z",
            orgId: "206fc3a0-e175-490b-9eaa-a5738056c9f6",
            shortName: "NLnet Labs",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-43168",
            },
            {
               name: "RHBZ#2303462",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2303462",
            },
            {
               url: "https://github.com/NLnetLabs/unbound/issues/1039",
            },
            {
               url: "https://github.com/NLnetLabs/unbound/pull/1040/files",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-04-03T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-08-07T02:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Unbound: heap-buffer-overflow in unbound",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-122: Heap-based Buffer Overflow",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-43168",
      datePublished: "2024-08-08T20:25:24.723Z",
      dateReserved: "2024-08-07T13:02:00.798Z",
      dateUpdated: "2024-10-21T11:20:27.316Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-3727
Vulnerability from cvelistv5
Published
2024-05-09 14:57
Modified
2025-03-20 11:51
Severity ?
8.3 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Summary
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
References
https://access.redhat.com/errata/RHSA-2024:0045vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3718vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4159vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4613vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4850vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4960vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5258vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5951vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6054vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6122vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6708vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6818vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6824vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7164vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7174vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7182vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7187vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7922vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7941vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8260vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8425vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9097vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9098vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9102vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9960vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-3727vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2274767issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 5.30.0   
Create a notification for this product.
   Red Hat OADP-1.3-RHEL-9 Unaffected: 1.3.4-9   < *
    cpe:/a:redhat:openshift_api_data_protection:1.3::el9
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-4   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-3   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-3   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-3   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-3   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-1   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240808093819.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.37.2-1.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.16.1-1.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:5.2.2-1.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Migration Toolkit for Containers 1.8 Unaffected: v1.8.4-22   < *
    cpe:/a:redhat:rhmt:1.8::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 3:4.4.1-13.rhaos4.13.el8   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift_ironic:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 2:1.11.3-3.rhaos4.13.el8   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift_ironic:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202407260439.p0.g8d9b39e.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 3:4.4.1-19.rhaos4.14.el9   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift_ironic:4.14::el9
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 2:1.11.3-3.rhaos4.14.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift_ironic:4.14::el9
    cpe:/a:redhat:openshift:4.14::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409172305.p0.g17536c8.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409171307.p0.ged4651a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409161436.p0.g1f44c02.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409120135.p0.gf7f5eed.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409131835.p0.gadccbd5.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409120135.p0.g8425d88.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409130735.p0.gc03231f.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409131635.p0.gb73e37f.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409161836.p0.g092d15b.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409180105.p0.g1fdd5b0.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409180905.p0.gf6f61ca.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409171307.p0.g160e7ca.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409131635.p0.gb7c1d6a.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409111636.p0.gf0c44f6.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409120135.p0.g3ab953d.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409111636.p0.g9ea52de.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409111636.p0.gd80fe46.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409120135.p0.g8de6f94.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409171307.p0.g5d529dd.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409130536.p0.g1d6a7ed.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409161436.p0.g4121cfc.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409120135.p0.g71a6f28.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409180705.p0.g95ee44e.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409161234.p0.g4e8d689.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202409162258-0   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 3:4.4.1-30.rhaos4.15.el8   < *
    cpe:/a:redhat:openshift_ironic:4.15::el9
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 2:1.11.3-4.rhaos4.15.el9   < *
    cpe:/a:redhat:openshift_ironic:4.15::el9
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202410230304.p0.g366295f.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202410230304.p0.gfde2b2e.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202407230407.p0.gf3f8de5.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 4:4.9.4-5.1.rhaos4.16.el8   < *
    cpe:/a:redhat:openshift_ironic:4.16::el9
    cpe:/a:redhat:openshift:4.16::el9
    cpe:/a:redhat:openshift:4.16::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 2:1.14.4-1.rhaos4.16.el8   < *
    cpe:/a:redhat:openshift_ironic:4.16::el9
    cpe:/a:redhat:openshift:4.16::el9
    cpe:/a:redhat:openshift:4.16::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 0:1.29.5-7.rhaos4.16.git7db4ada.el8   < *
    cpe:/a:redhat:openshift:4.16::el9
    cpe:/a:redhat:openshift:4.16::el8
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202407171536.p0.g1551101.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202409162206.p0.g6a425ab.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202409231504.p0.g342902b.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202410172201.p0.gb121e87.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202409122005.p0.gb170ad0.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202409100034.p0.g8d16b39.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202410022234.p0.gfbc55c6.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202502100934.p0.gc00c7c9.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202502040032.p0.ge5a4005.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202502041302.p0.g51a74ac.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202501230001.p0.g5348c85.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202502100153.p0.g120ba67.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202502060238.p0.g73d65db.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
 Create a notification for this product.
   Red Hat RHEL-9-CNV-4.15 Unaffected: v4.15.5-7   < *
    cpe:/a:redhat:container_native_virtualization:4.15::el9
 Create a notification for this product.
   Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
 Create a notification for this product.
   Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
 Create a notification for this product.
   Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
 Create a notification for this product.
   Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
 Create a notification for this product.
   Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
 Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
 Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
 Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
   Red Hat OpenShift Source-to-Image (S2I)     cpe:/a:redhat:source_to_image:1
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
 Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 1.2     cpe:/a:redhat:ansible_automation_platform
 Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform Assisted Installer     cpe:/a:redhat:assisted_installer:
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform Assisted Installer     cpe:/a:redhat:assisted_installer:
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform Assisted Installer     cpe:/a:redhat:assisted_installer:
 Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3:
 Create a notification for this product.
   Red Hat Red Hat Openshift Sandboxed Containers     cpe:/a:redhat:openshift_sandboxed_containers:1
 Create a notification for this product.
   Red Hat Red Hat Openshift Sandboxed Containers     cpe:/a:redhat:openshift_sandboxed_containers:1
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
   Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-3727",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-13T17:59:41.318223Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:33:13.046Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T20:20:01.029Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2024:0045",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:0045",
               },
               {
                  name: "RHSA-2024:4159",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4159",
               },
               {
                  name: "RHSA-2024:4613",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2024:4613",
               },
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2024-3727",
               },
               {
                  name: "RHBZ#2274767",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2274767",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HEYS34N55G7NOQZKNEXZKQVNDGEICCD/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6B37TXOKTKDBE2V26X2NSP7JKNMZOFVP/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CYT3D2P3OJKISNFKOOHGY6HCUCQZYAVR/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLND3YDQQRWVRIUPL2G5UKXP5L3VSBBT/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTOMYERG5ND4QFDHC4ZSGCED3T3ESRSC/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FBZQ2ZRMFEUQ35235B2HWPSXGDCBZHFV/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QFXMF3VVKIZN7ZMB7PKZCSWV6MOMTGMQ/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFVSMR7TNLO2KPWJSW4CF64C2QMQXCIN/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/containers/image",
               defaultStatus: "unaffected",
               packageName: "image",
               versions: [
                  {
                     lessThan: "5.29.3",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "5.30.1",
                     status: "affected",
                     version: "5.30.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift_api_data_protection:1.3::el9",
               ],
               defaultStatus: "affected",
               packageName: "oadp/oadp-velero-plugin-rhel9",
               product: "OADP-1.3-RHEL-9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "1.3.4-9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-central-db-rhel8",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.5-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-collector-rhel8",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.5-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-collector-slim-rhel8",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.5-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-main-rhel8",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.5-4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-operator-bundle",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.5-3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-rhel8-operator",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.5-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-roxctl-rhel8",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.5-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-db-rhel8",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.5-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.5-3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-rhel8",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.5-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-slim-rhel8",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.5-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.5-3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.4::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-v4-rhel8",
               product: "Red Hat Advanced Cluster Security 4.4",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.4.5-3",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-central-db-rhel8",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.2-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-collector-rhel8",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.2-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-collector-slim-rhel8",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.2-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-main-rhel8",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.2-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-operator-bundle",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.2-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-rhel8-operator",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.2-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-roxctl-rhel8",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.2-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-db-rhel8",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.2-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.2-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-rhel8",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.2-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-slim-rhel8",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.2-1",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.2-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:4.5::el8",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-v4-rhel8",
               product: "Red Hat Advanced Cluster Security 4.5",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4.5.2-2",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:8::appstream",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:rhel8",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "8100020240808093819.afee755d",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.37.2-1.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.16.1-1.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:5.2.2-1.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:rhmt:1.8::el8",
               ],
               defaultStatus: "affected",
               packageName: "rhmtc/openshift-migration-controller-rhel8",
               product: "Red Hat Migration Toolkit for Containers 1.8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v1.8.4-22",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift_ironic:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-13.rhaos4.13.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.13::el9",
                  "cpe:/a:redhat:openshift_ironic:4.13::el9",
                  "cpe:/a:redhat:openshift:4.13::el8",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat OpenShift Container Platform 4.13",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.11.3-3.rhaos4.13.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-operator-lifecycle-manager",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.14.0-202407260439.p0.g8d9b39e.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift_ironic:4.14::el9",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-19.rhaos4.14.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift_ironic:4.14::el9",
                  "cpe:/a:redhat:openshift:4.14::el9",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat OpenShift Container Platform 4.14",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.11.3-3.rhaos4.14.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/network-tools-rhel8",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409172305.p0.g17536c8.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-api-server-rhel8",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409171307.p0.ged4651a.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-node-agent-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409161436.p0.g1f44c02.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-alibaba-machine-controllers-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409120135.p0.gf7f5eed.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-apiserver-network-proxy-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409131835.p0.gadccbd5.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-autoscaler-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409120135.p0.g8425d88.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-control-plane-machine-set-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409130735.p0.gc03231f.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-ingress-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409131635.p0.gb73e37f.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-network-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409161836.p0.g092d15b.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cluster-node-tuning-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409180105.p0.g1fdd5b0.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-console",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409180905.p0.gf6f61ca.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-docker-builder",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409171307.p0.g160e7ca.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-hypershift-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409131635.p0.gb7c1d6a.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-insights-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409111636.p0.gf0c44f6.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-machine-api-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409120135.p0.g3ab953d.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-multus-admission-controller-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409111636.p0.g9ea52de.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-multus-whereabouts-ipam-cni-rhel8",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409111636.p0.gd80fe46.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-nutanix-machine-controllers-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409120135.p0.g8de6f94.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openshift-controller-manager-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409171307.p0.g5d529dd.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-operator-lifecycle-manager-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-operator-registry-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ovn-kubernetes-microshift-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-ovn-kubernetes-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-powervs-cloud-controller-manager-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409130536.p0.g1d6a7ed.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-powervs-machine-controllers-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409161436.p0.g4121cfc.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-sdn-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409120135.p0.g71a6f28.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-tests",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409180705.p0.g95ee44e.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-tools-rhel8",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202409161234.p0.g4e8d689.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "415.92.202409162258-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ironic:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "3:4.4.1-30.rhaos4.15.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ironic:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.11.3-4.rhaos4.15.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-node-agent-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202410230304.p0.g366295f.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-orchestrator-rhel8",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202410230304.p0.gfde2b2e.assembly.stream.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.15::el9",
                  "cpe:/a:redhat:openshift:4.15::el8",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-operator-lifecycle-manager-rhel9",
               product: "Red Hat OpenShift Container Platform 4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.0-202407230407.p0.gf3f8de5.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ironic:4.16::el9",
                  "cpe:/a:redhat:openshift:4.16::el9",
                  "cpe:/a:redhat:openshift:4.16::el8",
               ],
               defaultStatus: "affected",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "4:4.9.4-5.1.rhaos4.16.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_ironic:4.16::el9",
                  "cpe:/a:redhat:openshift:4.16::el9",
                  "cpe:/a:redhat:openshift:4.16::el8",
               ],
               defaultStatus: "affected",
               packageName: "skopeo",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "2:1.14.4-1.rhaos4.16.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
                  "cpe:/a:redhat:openshift:4.16::el8",
               ],
               defaultStatus: "affected",
               packageName: "cri-o",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.29.5-7.rhaos4.16.git7db4ada.el8",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-operator-lifecycle-manager-rhel9",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-202407171536.p0.g1551101.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-machine-config-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-202409162206.p0.g6a425ab.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-orchestrator-rhel9",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-202409231504.p0.g342902b.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-node-agent-rhel9",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.16.0-202410172201.p0.gb121e87.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-machine-config-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.17.0-202409122005.p0.gb170ad0.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-olm-operator-controller-rhel9",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.17.0-202409100034.p0.g8d16b39.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-operator-lifecycle-manager-rhel9",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-operator-registry-rhel9",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-orchestrator-rhel9",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.17.0-202410022234.p0.gfbc55c6.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.18::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/oc-mirror-plugin-rhel9",
               product: "Red Hat OpenShift Container Platform 4.18",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.18.0-202502100934.p0.gc00c7c9.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.18::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-api-server-rhel9",
               product: "Red Hat OpenShift Container Platform 4.18",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.18.0-202502040032.p0.ge5a4005.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.18::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-node-agent-rhel9",
               product: "Red Hat OpenShift Container Platform 4.18",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.18.0-202502041302.p0.g51a74ac.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.18::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-orchestrator-rhel9",
               product: "Red Hat OpenShift Container Platform 4.18",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.18.0-202501230001.p0.g5348c85.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.18::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-machine-config-rhel9-operator",
               product: "Red Hat OpenShift Container Platform 4.18",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.18.0-202502100153.p0.g120ba67.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.18::el9",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-openshift-apiserver-rhel9",
               product: "Red Hat OpenShift Container Platform 4.18",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.18.0-202502060238.p0.g73d65db.assembly.stream.el9",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4.15::el9",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-controller-rhel9",
               product: "RHEL-9-CNV-4.15",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "v4.15.5-7",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:multicluster_engine",
               ],
               defaultStatus: "unaffected",
               packageName: "multicluster-engine/agent-service-rhel8",
               product: "Multicluster Engine for Kubernetes",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:multicluster_engine",
               ],
               defaultStatus: "unaffected",
               packageName: "multicluster-engine/assisted-installer-agent-rhel8",
               product: "Multicluster Engine for Kubernetes",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:multicluster_engine",
               ],
               defaultStatus: "unaffected",
               packageName: "multicluster-engine/assisted-installer-reporter-rhel8",
               product: "Multicluster Engine for Kubernetes",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:multicluster_engine",
               ],
               defaultStatus: "unaffected",
               packageName: "multicluster-engine/assisted-installer-rhel8",
               product: "Multicluster Engine for Kubernetes",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:multicluster_engine",
               ],
               defaultStatus: "unaffected",
               packageName: "multicluster-engine/hive-rhel8",
               product: "Multicluster Engine for Kubernetes",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ocp_tools",
               ],
               defaultStatus: "affected",
               packageName: "ocp-tools-4/jenkins-agent-base-rhel8",
               product: "OpenShift Developer Tools and Services",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ocp_tools",
               ],
               defaultStatus: "affected",
               packageName: "ocp-tools-4/jenkins-rhel8",
               product: "OpenShift Developer Tools and Services",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:serverless:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-serverless-1/client-kn-rhel8",
               product: "OpenShift Serverless",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:serverless:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-serverless-clients",
               product: "OpenShift Serverless",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:source_to_image:1",
               ],
               defaultStatus: "affected",
               packageName: "source-to-image-container",
               product: "OpenShift Source-to-Image (S2I)",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:acm:2",
               ],
               defaultStatus: "unaffected",
               packageName: "rhacm2/submariner-rhel8-operator",
               product: "Red Hat Advanced Cluster Management for Kubernetes 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:3",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-central-db-rhel8",
               product: "Red Hat Advanced Cluster Security 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:3",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-main-rhel8",
               product: "Red Hat Advanced Cluster Security 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:3",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-rhel8-operator",
               product: "Red Hat Advanced Cluster Security 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:3",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-roxctl-rhel8",
               product: "Red Hat Advanced Cluster Security 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:3",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-db-rhel8",
               product: "Red Hat Advanced Cluster Security 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:3",
               ],
               defaultStatus: "unaffected",
               packageName: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
               product: "Red Hat Advanced Cluster Security 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:3",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-rhel8",
               product: "Red Hat Advanced Cluster Security 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:advanced_cluster_security:3",
               ],
               defaultStatus: "affected",
               packageName: "advanced-cluster-security/rhacs-scanner-slim-rhel8",
               product: "Red Hat Advanced Cluster Security 3",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-clients",
               product: "Red Hat Ansible Automation Platform 1.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform:2",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift-clients",
               product: "Red Hat Ansible Automation Platform 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "buildah",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "podman",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "skopeo",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:4.0/buildah",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:4.0/conmon",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:4.0/containers-common",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "container-tools:4.0/podman",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "unaffected",
               packageName: "container-tools:4.0/skopeo",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "osbuild-composer",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "conmon",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "unaffected",
               packageName: "containers-common",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "osbuild-composer",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unknown",
               packageName: "atomic-openshift",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:3.11",
               ],
               defaultStatus: "unknown",
               packageName: "podman",
               product: "Red Hat OpenShift Container Platform 3.11",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "buildah",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "conmon",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "containers-common",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-agent-installer-csr-approver-rhel8",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift4/ose-baremetal-installer-rhel8",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cli",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-cli-artifacts",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-deployer",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-installer",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift4/ose-installer-altinfra-rhel8",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift4/ose-installer-artifacts",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift4/ose-olm-rukpak-rhel8",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "openshift4/ose-openshift-proxy-pull-test-rhel8",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "affected",
               packageName: "openshift-clients",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4",
               ],
               defaultStatus: "unaffected",
               packageName: "ose-installer-terraform-providers-container",
               product: "Red Hat OpenShift Container Platform 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:assisted_installer:",
               ],
               defaultStatus: "affected",
               packageName: "rhai-tech-preview/assisted-installer-agent-rhel8",
               product: "Red Hat OpenShift Container Platform Assisted Installer",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:assisted_installer:",
               ],
               defaultStatus: "affected",
               packageName: "rhai-tech-preview/assisted-installer-reporter-rhel8",
               product: "Red Hat OpenShift Container Platform Assisted Installer",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:assisted_installer:",
               ],
               defaultStatus: "affected",
               packageName: "rhai-tech-preview/assisted-installer-rhel8",
               product: "Red Hat OpenShift Container Platform Assisted Installer",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_devspaces:3:",
               ],
               defaultStatus: "affected",
               packageName: "devspaces/udi-rhel8",
               product: "Red Hat OpenShift Dev Spaces",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_sandboxed_containers:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-sandboxed-containers/osc-must-gather-rhel8",
               product: "Red Hat Openshift Sandboxed Containers",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:openshift_sandboxed_containers:1",
               ],
               defaultStatus: "affected",
               packageName: "openshift-sandboxed-containers/osc-rhel8-operator",
               product: "Red Hat Openshift Sandboxed Containers",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-apiserver",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-apiserver-rhel9",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-cloner",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-cloner-rhel9",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-controller",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-importer",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-importer-rhel9",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-operator",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-operator-rhel9",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-uploadproxy",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-uploadproxy-rhel9",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-uploadserver",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:container_native_virtualization:4",
               ],
               defaultStatus: "affected",
               packageName: "container-native-virtualization/virt-cdi-uploadserver-rhel9",
               product: "Red Hat OpenShift Virtualization 4",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openstack:16.2",
               ],
               defaultStatus: "affected",
               packageName: "osp-director-provisioner-container",
               product: "Red Hat OpenStack Platform 16.2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:quay:3",
               ],
               defaultStatus: "affected",
               packageName: "quay/quay-builder-rhel8",
               product: "Red Hat Quay 3",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-05-09T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.3,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-354",
                     description: "Improper Validation of Integrity Check Value",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-20T11:51:44.252Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:0045",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:0045",
            },
            {
               name: "RHSA-2024:3718",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:3718",
            },
            {
               name: "RHSA-2024:4159",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4159",
            },
            {
               name: "RHSA-2024:4613",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4613",
            },
            {
               name: "RHSA-2024:4850",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4850",
            },
            {
               name: "RHSA-2024:4960",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:4960",
            },
            {
               name: "RHSA-2024:5258",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:5258",
            },
            {
               name: "RHSA-2024:5951",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:5951",
            },
            {
               name: "RHSA-2024:6054",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6054",
            },
            {
               name: "RHSA-2024:6122",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6122",
            },
            {
               name: "RHSA-2024:6708",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6708",
            },
            {
               name: "RHSA-2024:6818",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6818",
            },
            {
               name: "RHSA-2024:6824",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:6824",
            },
            {
               name: "RHSA-2024:7164",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:7164",
            },
            {
               name: "RHSA-2024:7174",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:7174",
            },
            {
               name: "RHSA-2024:7182",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:7182",
            },
            {
               name: "RHSA-2024:7187",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:7187",
            },
            {
               name: "RHSA-2024:7922",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:7922",
            },
            {
               name: "RHSA-2024:7941",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:7941",
            },
            {
               name: "RHSA-2024:8260",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8260",
            },
            {
               name: "RHSA-2024:8425",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:8425",
            },
            {
               name: "RHSA-2024:9097",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9097",
            },
            {
               name: "RHSA-2024:9098",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9098",
            },
            {
               name: "RHSA-2024:9102",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9102",
            },
            {
               name: "RHSA-2024:9960",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:9960",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-3727",
            },
            {
               name: "RHBZ#2274767",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2274767",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-04-12T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-05-09T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Containers/image: digest type does not guarantee valid type",
         x_redhatCweChain: "CWE-354: Improper Validation of Integrity Check Value",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-3727",
      datePublished: "2024-05-09T14:57:21.327Z",
      dateReserved: "2024-04-12T17:56:37.261Z",
      dateUpdated: "2025-03-20T11:51:44.252Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}