Action not permitted
Modal body text goes here.
CVE-2021-3765
Vulnerability from cvelistv5
Published
2021-11-02 07:05
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
Inefficient Regular Expression Complexity in validatorjs/validator.js
References
▼ | URL | Tags | |
---|---|---|---|
security@huntr.dev | https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1 | Patch, Third Party Advisory | |
security@huntr.dev | https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9 | Exploit, Issue Tracking, Patch, Third Party Advisory |
Impacted products
▼ | Vendor | Product |
---|---|---|
validatorjs | validatorjs/validator.js |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:08.828Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "validatorjs/validator.js", "vendor": "validatorjs", "versions": [ { "lessThan": "13.7.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "validator.js is vulnerable to Inefficient Regular Expression Complexity" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1333", "description": "CWE-1333 Inefficient Regular Expression Complexity", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-11-02T07:05:10", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1" } ], "source": { "advisory": "c37e975c-21a3-4c5f-9b57-04d63b28cfc9", "discovery": "EXTERNAL" }, "title": "Inefficient Regular Expression Complexity in validatorjs/validator.js", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3765", "STATE": "PUBLIC", "TITLE": "Inefficient Regular Expression Complexity in validatorjs/validator.js" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "validatorjs/validator.js", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "13.7.0" } ] } } ] }, "vendor_name": "validatorjs" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "validator.js is vulnerable to Inefficient Regular Expression Complexity" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-1333 Inefficient Regular Expression Complexity" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9" }, { "name": "https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1", "refsource": "MISC", "url": "https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1" } ] }, "source": { "advisory": "c37e975c-21a3-4c5f-9b57-04d63b28cfc9", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3765", "datePublished": "2021-11-02T07:05:10", "dateReserved": "2021-09-03T00:00:00", "dateUpdated": "2024-08-03T17:09:08.828Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2021-3765\",\"sourceIdentifier\":\"security@huntr.dev\",\"published\":\"2021-11-02T07:15:07.280\",\"lastModified\":\"2023-07-07T19:27:40.960\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"validator.js is vulnerable to Inefficient Regular Expression Complexity\"},{\"lang\":\"es\",\"value\":\"validator.js es vulnerable a una Complejidad de Expresi\u00f3n Regular Ineficiente\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"security@huntr.dev\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]},{\"source\":\"security@huntr.dev\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:validator_project:validator:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"13.7.0\",\"matchCriteriaId\":\"FE164340-06C4-486F-95C9-2AD5651EE909\"}]}]}],\"references\":[{\"url\":\"https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1\",\"source\":\"security@huntr.dev\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9\",\"source\":\"security@huntr.dev\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]}]}}" } }
rhsa-2023_3742
Vulnerability from csaf_redhat
Published
2023-06-21 15:22
Modified
2024-11-14 00:04
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update
Notes
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
Security Fix(es):
* goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be (CVE-2021-4238)
* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)
* vault: Hashicorp Vault AWS IAM Integration Authentication Bypass (CVE-2020-16250)
* vault: GCP Auth Method Allows Authentication Bypass (CVE-2020-16251)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* go-yaml: Denial of Service in go-yaml (CVE-2021-4235)
* vault: incorrect policy enforcement (CVE-2021-43998)
* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)
* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)
* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)
* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)
* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass (CVE-2022-23540)
* jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC (CVE-2022-23541)
* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)
* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)
* consul: Consul Template May Expose Vault Secrets When Processing Invalid Input (CVE-2022-38149)
* vault: insufficient certificate revocation list checking (CVE-2022-41316)
* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)
* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)
* golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* vault: Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File (CVE-2023-0620)
* hashicorp/vault: Vault’s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata (CVE-2023-0665)
* Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation (CVE-2023-24999)
* hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations (CVE-2023-25000)
* validator: Inefficient Regular Expression Complexity in Validator.js (CVE-2021-3765)
* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)
* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nSecurity Fix(es):\n\n* goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be (CVE-2021-4238)\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* vault: Hashicorp Vault AWS IAM Integration Authentication Bypass (CVE-2020-16250)\n\n* vault: GCP Auth Method Allows Authentication Bypass (CVE-2020-16251)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* go-yaml: Denial of Service in go-yaml (CVE-2021-4235)\n\n* vault: incorrect policy enforcement (CVE-2021-43998)\n\n* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)\n\n* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)\n\n* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)\n\n* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)\n\n* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass (CVE-2022-23540)\n\n* jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC (CVE-2022-23541)\n\n* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)\n\n* consul: Consul Template May Expose Vault Secrets When Processing Invalid Input (CVE-2022-38149)\n\n* vault: insufficient certificate revocation list checking (CVE-2022-41316)\n\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n\n* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n\n* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)\n\n* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)\n\n* golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)\n\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n\n* vault: Vault\u2019s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File (CVE-2023-0620)\n\n* hashicorp/vault: Vault\u2019s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata (CVE-2023-0665)\n\n* Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation (CVE-2023-24999)\n\n* hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations (CVE-2023-25000)\n\n* validator: Inefficient Regular Expression Complexity in Validator.js (CVE-2021-3765)\n\n* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)\n\n* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:3742", "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index" }, { "category": "external", "summary": "1786696", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1786696" }, { "category": "external", "summary": "1855339", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855339" }, { "category": "external", "summary": "1943137", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943137" }, { "category": "external", "summary": "1944687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944687" }, { "category": "external", "summary": "1989088", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989088" }, { "category": "external", "summary": "2005040", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005040" }, { "category": "external", "summary": "2005830", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005830" }, { "category": "external", "summary": "2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "2028193", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028193" }, { "category": "external", "summary": "2040839", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839" }, { "category": "external", "summary": "2040846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846" }, { "category": "external", "summary": "2040856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856" }, { "category": "external", "summary": "2040862", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862" }, { "category": "external", "summary": "2042914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042914" }, { "category": "external", "summary": "2052252", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052252" }, { "category": "external", "summary": "2101497", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101497" }, { "category": "external", "summary": "2101916", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101916" }, { "category": "external", "summary": "2102304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102304" }, { "category": "external", "summary": "2104148", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104148" }, { "category": "external", "summary": "2107388", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388" }, { "category": "external", "summary": "2113814", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814" }, { "category": "external", "summary": "2115020", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2115020" }, { "category": "external", "summary": "2115616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2115616" }, { "category": "external", "summary": "2119551", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119551" }, { "category": "external", "summary": "2120098", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120098" }, { "category": "external", "summary": "2120944", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120944" }, { "category": "external", "summary": "2124668", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668" }, { "category": "external", "summary": "2124669", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669" }, { "category": "external", "summary": "2126299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126299" }, { "category": "external", "summary": "2132867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867" }, { "category": "external", "summary": "2132868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868" }, { "category": "external", "summary": "2132872", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2135339", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135339" }, { "category": "external", "summary": "2139037", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139037" }, { "category": "external", "summary": "2141095", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141095" }, { "category": "external", "summary": "2142651", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142651" }, { "category": "external", "summary": "2142894", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142894" }, { "category": "external", "summary": "2142941", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142941" }, { "category": "external", "summary": "2143944", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143944" }, { "category": "external", "summary": "2144256", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144256" }, { "category": "external", "summary": "2151903", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151903" }, { "category": "external", "summary": "2152143", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152143" }, { "category": "external", "summary": "2154250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154250" }, { "category": "external", "summary": "2155507", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155507" }, { "category": "external", "summary": "2155743", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155743" }, { "category": "external", "summary": "2156067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156067" }, { "category": "external", "summary": "2156069", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156069" }, { "category": "external", "summary": "2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "2156519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156519" }, { "category": "external", "summary": "2156727", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156727" }, { "category": "external", "summary": "2156729", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156729" }, { "category": "external", "summary": "2157876", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2157876" }, { "category": "external", "summary": "2158922", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158922" }, { "category": "external", "summary": "2159676", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159676" }, { "category": "external", "summary": "2161274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274" }, { "category": "external", "summary": "2161879", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161879" }, { "category": "external", "summary": "2161937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161937" }, { "category": "external", "summary": "2162257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162257" }, { "category": "external", "summary": "2164617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164617" }, { "category": "external", "summary": "2165495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165495" }, { "category": "external", "summary": "2165504", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165504" }, { "category": "external", "summary": "2165929", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165929" }, { "category": "external", "summary": "2165938", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165938" }, { "category": "external", "summary": "2165984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165984" }, { "category": "external", "summary": "2166222", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166222" }, { "category": "external", "summary": "2166234", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166234" }, { "category": "external", "summary": "2166869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166869" }, { "category": "external", "summary": "2167299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167299" }, { "category": "external", "summary": "2167308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167308" }, { "category": "external", "summary": "2167337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167337" }, { "category": "external", "summary": "2167340", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167340" }, { "category": "external", "summary": "2167946", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167946" }, { "category": "external", "summary": "2168113", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168113" }, { "category": "external", "summary": "2168635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168635" }, { "category": "external", "summary": "2168840", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168840" }, { "category": "external", "summary": "2168849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168849" }, { "category": "external", "summary": "2169375", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169375" }, { "category": "external", "summary": "2169378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169378" }, { "category": "external", "summary": "2169779", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169779" }, { "category": "external", "summary": "2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "2170673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170673" }, { "category": "external", "summary": "2172089", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172089" }, { "category": "external", "summary": "2172365", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172365" }, { "category": "external", "summary": "2172521", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172521" }, { "category": "external", "summary": "2173161", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173161" }, { "category": "external", "summary": "2173528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173528" }, { "category": "external", "summary": "2173534", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173534" }, { "category": "external", "summary": "2173926", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173926" }, { "category": "external", "summary": "2175612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175612" }, { "category": "external", "summary": "2175685", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175685" }, { "category": "external", "summary": "2175714", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175714" }, { "category": "external", "summary": "2175867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175867" }, { "category": "external", "summary": "2176080", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176080" }, { "category": "external", "summary": "2176456", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176456" }, { "category": "external", "summary": "2176739", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176739" }, { "category": "external", "summary": "2176776", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176776" }, { "category": "external", "summary": "2176798", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176798" }, { "category": "external", "summary": "2176809", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176809" }, { "category": "external", "summary": "2177134", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177134" }, { "category": "external", "summary": "2177221", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177221" }, { "category": "external", "summary": "2177325", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177325" }, { "category": "external", "summary": "2177695", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177695" }, { "category": "external", "summary": "2177844", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177844" }, { "category": "external", "summary": "2178033", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178033" }, { "category": "external", "summary": "2178358", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358" }, { "category": "external", "summary": "2178488", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488" }, { "category": "external", "summary": "2178492", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492" }, { "category": "external", "summary": "2178588", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178588" }, { "category": "external", "summary": "2178619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178619" }, { "category": "external", "summary": "2178682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178682" }, { "category": "external", "summary": "2179133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179133" }, { "category": "external", "summary": "2179337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179337" }, { "category": "external", "summary": "2179403", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179403" }, { "category": "external", "summary": "2179846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179846" }, { "category": "external", "summary": "2179860", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179860" }, { "category": "external", "summary": "2179976", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179976" }, { "category": "external", "summary": "2179981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179981" }, { "category": "external", "summary": "2179997", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179997" }, { "category": "external", "summary": "2180211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180211" }, { "category": "external", "summary": "2180397", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180397" }, { "category": "external", "summary": "2180440", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180440" }, { "category": "external", "summary": "2180921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180921" }, { "category": "external", "summary": "2181112", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181112" }, { "category": "external", "summary": "2181133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181133" }, { "category": "external", "summary": "2181446", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181446" }, { "category": "external", "summary": "2181535", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181535" }, { "category": "external", "summary": "2181551", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181551" }, { "category": "external", "summary": "2181832", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181832" }, { "category": "external", "summary": "2181949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181949" }, { "category": "external", "summary": "2182041", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182041" }, { "category": "external", "summary": "2182296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182296" }, { "category": "external", "summary": "2182375", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182375" }, { "category": "external", "summary": "2182644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182644" }, { "category": "external", "summary": "2182664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182664" }, { "category": "external", "summary": "2182703", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182703" }, { "category": "external", "summary": "2182972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182972" }, { "category": "external", "summary": "2182981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182981" }, { "category": "external", "summary": "2183155", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183155" }, { "category": "external", "summary": "2183196", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183196" }, { "category": "external", "summary": "2183266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183266" }, { "category": "external", "summary": "2183457", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183457" }, { "category": "external", "summary": "2183478", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183478" }, { "category": "external", "summary": "2183520", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183520" }, { "category": "external", "summary": "2184068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184068" }, { "category": "external", "summary": "2184605", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184605" }, { "category": "external", "summary": "2184663", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184663" }, { "category": "external", "summary": "2184769", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184769" }, { "category": "external", "summary": "2184773", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184773" }, { "category": "external", "summary": "2184892", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184892" }, { "category": "external", "summary": "2184984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184984" }, { "category": "external", "summary": "2185164", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185164" }, { "category": "external", "summary": "2185188", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185188" }, { "category": "external", "summary": "2185757", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185757" }, { "category": "external", "summary": "2185871", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185871" }, { "category": "external", "summary": "2186171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186171" }, { "category": "external", "summary": "2186225", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186225" }, { "category": "external", "summary": "2186475", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186475" }, { "category": "external", "summary": "2186752", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186752" }, { "category": "external", "summary": "2187251", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187251" }, { "category": "external", "summary": "2187296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187296" }, { "category": "external", "summary": "2187736", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187736" }, { "category": "external", "summary": "2187952", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187952" }, { "category": "external", "summary": "2187969", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187969" }, { "category": "external", "summary": "2187986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187986" }, { "category": "external", "summary": "2188053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188053" }, { "category": "external", "summary": "2188238", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188238" }, { "category": "external", "summary": "2188303", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188303" }, { "category": "external", "summary": "2188427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188427" }, { "category": "external", "summary": "2188666", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188666" }, { "category": "external", "summary": "2189483", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189483" }, { "category": "external", "summary": "2189929", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189929" }, { "category": "external", "summary": "2189982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189982" }, { "category": "external", "summary": "2189984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189984" }, { "category": "external", "summary": "2190129", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190129" }, { "category": "external", "summary": "2190241", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190241" }, { "category": "external", "summary": "2192088", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192088" }, { "category": "external", "summary": "2192670", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192670" }, { "category": "external", "summary": "2192824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192824" }, { "category": "external", "summary": "2192875", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192875" }, { "category": "external", "summary": "2193114", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193114" }, { "category": "external", "summary": "2193220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193220" }, { "category": "external", "summary": "2196176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196176" }, { "category": "external", "summary": "2196236", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196236" }, { "category": "external", "summary": "2196298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196298" }, { "category": "external", "summary": "2203795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2203795" }, { "category": "external", "summary": "2208029", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208029" }, { "category": "external", "summary": "2208079", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208079" }, { "category": "external", "summary": "2208269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208269" }, { "category": "external", "summary": "2208558", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208558" }, { "category": "external", "summary": "2208962", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208962" }, { "category": "external", "summary": "2209364", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209364" }, { "category": "external", "summary": "2209643", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209643" }, { "category": "external", "summary": "2209695", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209695" }, { "category": "external", "summary": "2210964", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210964" }, { "category": "external", "summary": "2211334", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211334" }, { "category": "external", "summary": "2211343", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211343" }, { "category": "external", "summary": "2211704", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211704" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3742.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update", "tracking": { "current_release_date": "2024-11-14T00:04:11+00:00", "generator": { "date": "2024-11-14T00:04:11+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2023:3742", "initial_release_date": "2023-06-21T15:22:11+00:00", "revision_history": [ { "date": "2023-06-21T15:22:11+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-06-22T19:51:30+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T00:04:11+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHODF 4.13 for RHEL 9", "product": { "name": "RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_data_foundation:4.13::el9" } } } ], "category": "product_family", "name": "Red Hat OpenShift Data Foundation" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "product": { "name": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "product_id": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "product": { "name": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "product_id": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "product": { "name": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "product_id": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "product": { "name": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "product_id": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "product": { "name": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "product_id": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "product_id": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "product": { "name": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "product_id": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "product": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.13.0-78" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "product": { "name": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "product_id": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "product": { "name": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "product_id": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "product": { "name": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "product_id": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.13.0-85" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "product": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "product": { "name": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "product_id": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.13.0-81" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "product": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "product_id": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "product": { "name": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "product_id": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "product": { "name": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "product_id": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "product": { "name": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "product_id": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "product_id": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "product_id": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.13.0-217" } } }, { "category": "product_version", "name": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "product": { "name": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "product_id": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "product": { "name": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "product_id": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.13.0-70" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "product": { "name": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "product_id": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "product": { "name": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "product_id": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "product": { "name": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "product_id": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "product": { "name": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "product_id": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "product": { "name": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "product_id": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "product_id": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "product": { "name": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "product_id": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "product": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.13.0-78" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "product": { "name": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "product_id": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "product": { "name": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "product_id": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "product": { "name": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "product_id": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.13.0-85" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "product": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "product": { "name": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "product_id": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.13.0-81" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "product": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "product_id": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "product": { "name": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "product_id": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "product": { "name": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "product_id": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "product": { "name": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "product_id": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "product_id": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "product_id": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.13.0-217" } } }, { "category": "product_version", "name": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "product": { "name": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "product_id": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le", "product": { "name": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le", "product_id": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.13.0-70" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "product": { "name": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "product_id": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "product": { "name": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "product_id": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "product": { "name": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "product_id": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "product": { "name": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "product_id": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "product": { "name": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "product_id": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "product_id": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "product": { "name": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "product_id": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "product": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.13.0-78" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "product": { "name": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "product_id": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "product": { "name": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "product_id": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "product": { "name": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "product_id": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.13.0-85" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "product": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "product": { "name": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "product_id": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.13.0-81" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "product": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "product_id": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "product": { "name": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "product_id": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "product": { "name": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "product_id": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "product": { "name": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "product_id": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "product_id": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "product_id": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.13.0-217" } } }, { "category": "product_version", "name": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "product": { "name": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "product_id": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "product": { "name": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "product_id": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.13.0-70" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "product": { "name": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "product_id": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "product_identification_helper": { "purl": "pkg:oci/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "product": { "name": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "product_id": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "product": { "name": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "product_id": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "product": { "name": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "product_id": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "product": { "name": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "product_id": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "product": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "product": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "product_id": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "product": { "name": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "product_id": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "product": { "name": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "product_id": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24" } } }, { "category": "product_version", "name": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "product": { "name": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "product_id": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "product_identification_helper": { "purl": "pkg:oci/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33" } } } ], "category": "architecture", "name": "arm64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64" }, "product_reference": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x" }, "product_reference": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" }, "product_reference": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64" }, "product_reference": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64" }, "product_reference": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x" }, "product_reference": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le" }, "product_reference": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le" }, "product_reference": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x" }, "product_reference": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64" }, "product_reference": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" }, "product_reference": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le" }, "product_reference": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x" }, "product_reference": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64" }, "product_reference": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64" }, "product_reference": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x" }, "product_reference": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64" }, "product_reference": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" }, "product_reference": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x" }, "product_reference": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64" }, "product_reference": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le" }, "product_reference": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64" }, "product_reference": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64" }, "product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le" }, "product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x" }, "product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le" }, "product_reference": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x" }, "product_reference": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64" }, "product_reference": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64" }, "product_reference": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64" }, "product_reference": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x" }, "product_reference": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le" }, "product_reference": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64" }, "product_reference": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le" }, "product_reference": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x" }, "product_reference": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le" }, "product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x" }, "product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64" }, "product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64" }, "product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64" }, "product_reference": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le" }, "product_reference": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x" }, "product_reference": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64" }, "product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64" }, "product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x" }, "product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le" }, "product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64" }, "product_reference": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64" }, "product_reference": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x" }, "product_reference": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le" }, "product_reference": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le" }, "product_reference": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x" }, "product_reference": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64" }, "product_reference": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x" }, "product_reference": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64" }, "product_reference": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64" }, "product_reference": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" }, "product_reference": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le" }, "product_reference": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64" }, "product_reference": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64" }, "product_reference": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" }, "product_reference": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x" }, "product_reference": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64" }, "product_reference": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" }, "product_reference": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-16250", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2023-02-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2167337" } ], "notes": [ { "category": "description", "text": "A flaw was found in Vault and Vault Enterprise (\u201cVault\u201d). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM identities and roles may be manipulated and bypass authentication.", "title": "Vulnerability description" }, { "category": "summary", "text": "vault: Hashicorp Vault AWS IAM Integration Authentication Bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-16250" }, { "category": "external", "summary": "RHBZ#2167337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167337" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-16250", "url": "https://www.cve.org/CVERecord?id=CVE-2020-16250" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16250", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16250" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2020-16-vault-s-aws-auth-method-allows-authentication-bypass/18101", "url": "https://discuss.hashicorp.com/t/hcsec-2020-16-vault-s-aws-auth-method-allows-authentication-bypass/18101" } ], "release_date": "2020-08-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "vault: Hashicorp Vault AWS IAM Integration Authentication Bypass" }, { "cve": "CVE-2020-16251", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2023-02-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2167340" } ], "notes": [ { "category": "description", "text": "A flaw was found in Vault and Vault Enterprise (\u201cVault\u201d). In affected versions of Vault, with the GCP Auth Method configured and under certain circumstances, the values relied upon by Vault to validate Google Compute Engine (GCE) VMs may be manipulated and bypass authentication.", "title": "Vulnerability description" }, { "category": "summary", "text": "vault: GCP Auth Method Allows Authentication Bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-16251" }, { "category": "external", "summary": "RHBZ#2167340", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167340" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-16251", "url": "https://www.cve.org/CVERecord?id=CVE-2020-16251" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16251", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16251" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2020-17-vault-s-gcp-auth-method-allows-authentication-bypass/18102", "url": "https://discuss.hashicorp.com/t/hcsec-2020-17-vault-s-gcp-auth-method-allows-authentication-bypass/18102" } ], "release_date": "2020-08-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "vault: GCP Auth Method Allows Authentication Bypass" }, { "cve": "CVE-2021-3765", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-09-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2126299" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the validator package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "validator: Inefficient Regular Expression Complexity in Validator.js", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3765" }, { "category": "external", "summary": "RHBZ#2126299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126299" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3765", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3765" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3765", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3765" }, { "category": "external", "summary": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9", "url": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9" } ], "release_date": "2021-11-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "validator: Inefficient Regular Expression Complexity in Validator.js" }, { "cve": "CVE-2021-3807", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2007557" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3807" }, { "category": "external", "summary": "RHBZ#2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3807" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" }, { "category": "external", "summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", "url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" } ], "release_date": "2021-09-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes" }, { "cve": "CVE-2021-4235", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156727" } ], "notes": [ { "category": "description", "text": "A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.", "title": "Vulnerability description" }, { "category": "summary", "text": "go-yaml: Denial of Service in go-yaml", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-4235" }, { "category": "external", "summary": "RHBZ#2156727", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156727" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4235", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4235" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4235", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4235" }, { "category": "external", "summary": "https://github.com/go-yaml/yaml/commit/bb4e33bf68bf89cad44d386192cbed201f35b241", "url": "https://github.com/go-yaml/yaml/commit/bb4e33bf68bf89cad44d386192cbed201f35b241" }, { "category": "external", "summary": "https://github.com/go-yaml/yaml/pull/375", "url": "https://github.com/go-yaml/yaml/pull/375" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2021-0061", "url": "https://pkg.go.dev/vuln/GO-2021-0061" } ], "release_date": "2022-12-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "go-yaml: Denial of Service in go-yaml" }, { "cve": "CVE-2021-4238", "cwe": { "id": "CWE-331", "name": "Insufficient Entropy" }, "discovery_date": "2022-12-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156729" } ], "notes": [ { "category": "description", "text": "A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-4238" }, { "category": "external", "summary": "RHBZ#2156729", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156729" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4238", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4238" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4238", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4238" }, { "category": "external", "summary": "https://github.com/Masterminds/goutils/commit/869801f20f9f1e7ecdbdb6422049d8241270d5e1", "url": "https://github.com/Masterminds/goutils/commit/869801f20f9f1e7ecdbdb6422049d8241270d5e1" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-3839-6r69-m497", "url": "https://github.com/advisories/GHSA-3839-6r69-m497" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2022-0411", "url": "https://pkg.go.dev/vuln/GO-2022-0411" } ], "release_date": "2022-12-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be" }, { "cve": "CVE-2021-43998", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "discovery_date": "2021-11-30T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2028193" } ], "notes": [ { "category": "description", "text": "A flaw was found in HashiCorp Vault. In affected versions of HashiCorp Vault and Vault Enterprise, templated ACL policies would always match the first-created entity alias if multiple entity aliases exist for a specified entity and mount combination, potentially resulting in incorrect policy enforcement.", "title": "Vulnerability description" }, { "category": "summary", "text": "vault: incorrect policy enforcement", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-43998" }, { "category": "external", "summary": "RHBZ#2028193", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028193" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-43998", "url": "https://www.cve.org/CVERecord?id=CVE-2021-43998" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43998", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43998" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2021-30-vaults-templated-acl-policies-matched-first-created-alias-per-entity-and-auth-backend/32132", "url": "https://discuss.hashicorp.com/t/hcsec-2021-30-vaults-templated-acl-policies-matched-first-created-alias-per-entity-and-auth-backend/32132" } ], "release_date": "2021-11-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "vault: incorrect policy enforcement" }, { "cve": "CVE-2021-44531", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040839" } ], "notes": [ { "category": "description", "text": "A flaw was found in node.js where it accepted a certificate\u0027s Subject Alternative Names (SAN) entry, as opposed to what is specified by the HTTPS protocol. This flaw allows an active person-in-the-middle to forge a certificate and impersonate a trusted host.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Improper handling of URI Subject Alternative Names", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44531" }, { "category": "external", "summary": "RHBZ#2040839", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44531", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44531" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Improper handling of URI Subject Alternative Names" }, { "cve": "CVE-2021-44532", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040846" } ], "notes": [ { "category": "description", "text": "It was found that node.js did not safely read the x509 certificate generalName format properly, resulting in data injection. A certificate could use a specially crafted extension in order to be successfully validated, permitting an attacker to impersonate a trusted host.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Certificate Verification Bypass via String Injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44532" }, { "category": "external", "summary": "RHBZ#2040846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44532", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44532" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Certificate Verification Bypass via String Injection" }, { "cve": "CVE-2021-44533", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040856" } ], "notes": [ { "category": "description", "text": "A flaw was found in node.js, where it did not properly handle multi-value Relative Distinguished Names. This flaw allows a specially crafted x509 certificate to produce a false multi-value Relative Distinguished Name and to inject arbitrary data in node.js libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Incorrect handling of certificate subject and issuer fields", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally, there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore, the Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44533" }, { "category": "external", "summary": "RHBZ#2040856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44533", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44533" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Incorrect handling of certificate subject and issuer fields" }, { "acknowledgments": [ { "names": [ "Adam Korczynski" ], "organization": "ADA Logics" }, { "names": [ "OSS-Fuzz" ] } ], "cve": "CVE-2022-2879", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2022-10-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2132867" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: archive/tar: unbounded memory consumption when reading headers", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-2879" }, { "category": "external", "summary": "RHBZ#2132867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2879", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879" }, { "category": "external", "summary": "https://github.com/golang/go/issues/54853", "url": "https://github.com/golang/go/issues/54853" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1", "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1" } ], "release_date": "2022-10-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: archive/tar: unbounded memory consumption when reading headers" }, { "acknowledgments": [ { "names": [ "Daniel Abeles" ], "organization": "Head of Research, Oxeye" }, { "names": [ "Gal Goldstein" ], "organization": "Security Researcher, Oxeye" } ], "cve": "CVE-2022-2880", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2022-10-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2132868" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-2880" }, { "category": "external", "summary": "RHBZ#2132868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880" }, { "category": "external", "summary": "https://github.com/golang/go/issues/54663", "url": "https://github.com/golang/go/issues/54663" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1", "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1" } ], "release_date": "2022-10-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters" }, { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-21824", "cwe": { "id": "CWE-915", "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes" }, "discovery_date": "2022-01-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040862" } ], "notes": [ { "category": "description", "text": "Due to the formatting logic of the \"console.table()\" function it was not safe to allow user controlled input to be passed to the \"properties\" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be \"__proto__\". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js \u003e= 12.22.9, \u003e= 14.18.3, \u003e= 16.13.2, and \u003e= 17.3.1 use a null protoype for the object these properties are being assigned to.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Prototype pollution via console.table properties", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-21824" }, { "category": "external", "summary": "RHBZ#2040862", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-21824", "url": "https://www.cve.org/CVERecord?id=CVE-2022-21824" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs: Prototype pollution via console.table properties" }, { "cve": "CVE-2022-23540", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2023-02-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2169378" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jsonwebtoken library. In affected versions of the jsonwebtoken library, lack of algorithm definition and a falsy secret or key in the jwt.verify() function may lead to signature validation bypass due to defaulting to the none algorithm for signature verification.", "title": "Vulnerability description" }, { "category": "summary", "text": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23540" }, { "category": "external", "summary": "RHBZ#2169378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169378" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23540", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23540" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23540", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23540" }, { "category": "external", "summary": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-qwph-4952-7xr6", "url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-qwph-4952-7xr6" } ], "release_date": "2022-12-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass" }, { "cve": "CVE-2022-23541", "cwe": { "id": "CWE-1259", "name": "Improper Restriction of Security Token Assignment" }, "discovery_date": "2023-02-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2169375" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jsonwebtoken library. Affected versions of jsonwebtoken library can be misconfigured so that passing a poorly implemented key retrieval function will result in incorrect verification of tokens. Using a different algorithm and key combination in verification than what was used to sign the tokens, specifically, tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm. This can lead to the successful validation of forged tokens.", "title": "Vulnerability description" }, { "category": "summary", "text": "jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23541" }, { "category": "external", "summary": "RHBZ#2169375", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169375" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23541", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23541" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23541", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23541" }, { "category": "external", "summary": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-hjrf-2m68-5959", "url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-hjrf-2m68-5959" } ], "release_date": "2022-12-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC" }, { "cve": "CVE-2022-27664", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-09-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2124669" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http: handle server errors after sending GOAWAY", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-27664" }, { "category": "external", "summary": "RHBZ#2124669", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664", "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664" }, { "category": "external", "summary": "https://go.dev/issue/54658", "url": "https://go.dev/issue/54658" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", "url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ" } ], "release_date": "2022-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http: handle server errors after sending GOAWAY" }, { "cve": "CVE-2022-30635", "cwe": { "id": "CWE-1325", "name": "Improperly Controlled Sequential Memory Allocation" }, "discovery_date": "2022-07-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2107388" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: encoding/gob: stack exhaustion in Decoder.Decode", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) starting from 4.10 stream is already compiled in the patched version of Go, hence is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-30635" }, { "category": "external", "summary": "RHBZ#2107388", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30635", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635" }, { "category": "external", "summary": "https://go.dev/issue/53615", "url": "https://go.dev/issue/53615" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" } ], "release_date": "2022-07-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: encoding/gob: stack exhaustion in Decoder.Decode" }, { "cve": "CVE-2022-32189", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-08-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2113814" } ], "notes": [ { "category": "description", "text": "An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw stems from a particular and specific method (GoBDecode) which isn\u0027t commonly used. There are few components within Red Hat offerings which call this function. In rare cases where this method is called, the component limits possible damage or it is not possible to be triggered by an attacker. For these combined reasons the impact has been downgraded to Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32189" }, { "category": "external", "summary": "RHBZ#2113814", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32189", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189" }, { "category": "external", "summary": "https://go.dev/issue/53871", "url": "https://go.dev/issue/53871" }, { "category": "external", "summary": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU", "url": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU" } ], "release_date": "2022-08-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service" }, { "cve": "CVE-2022-32190", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2022-09-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2124668" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package. The JoinPath doesn\u0027t remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/url: JoinPath does not strip relative path components in all circumstances", "title": "Vulnerability summary" }, { "category": "other", "text": "The vulnerable functions, JoinPath and URL.JoinPath was introduced in upstream go1.19, whereas, RHEL ships go1.17 and go1.18 versions, which does not contain the vulnerable code. Hence, packages shipped with RHEL-8, RHEL-9 are not affected.\n\nAll Y stream releases of OpenShift Container Platform 4 run on RHEL-8 or RHEL-9, so OCP 4 is also not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32190" }, { "category": "external", "summary": "RHBZ#2124668", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32190", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32190" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190" }, { "category": "external", "summary": "https://go.dev/issue/54385", "url": "https://go.dev/issue/54385" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", "url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ" } ], "release_date": "2022-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/url: JoinPath does not strip relative path components in all circumstances" }, { "cve": "CVE-2022-38149", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2022-08-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2119551" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the HashiCorp Consul Template. This issue may reveal the contents of a Vault secret when used with an invalid template.", "title": "Vulnerability description" }, { "category": "summary", "text": "consul: Consul Template May Expose Vault Secrets When Processing Invalid Input", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38149" }, { "category": "external", "summary": "RHBZ#2119551", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119551" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38149", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38149" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38149", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38149" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hsec-2022-16-consul-template-may-expose-vault-secrets-when-processing-invalid-input/43215", "url": "https://discuss.hashicorp.com/t/hsec-2022-16-consul-template-may-expose-vault-secrets-when-processing-invalid-input/43215" } ], "release_date": "2022-08-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "consul: Consul Template May Expose Vault Secrets When Processing Invalid Input" }, { "cve": "CVE-2022-38900", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2023-02-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170644" } ], "notes": [ { "category": "description", "text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "decode-uri-component: improper input validation resulting in DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38900" }, { "category": "external", "summary": "RHBZ#2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38900" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900" }, { "category": "external", "summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5", "url": "https://github.com/SamVerschueren/decode-uri-component/issues/5" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq", "url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq" } ], "release_date": "2022-11-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "decode-uri-component: improper input validation resulting in DoS" }, { "cve": "CVE-2022-41316", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-10-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135339" } ], "notes": [ { "category": "description", "text": "A flaw was found in HashiCorp Vault and Vault Enterprise. Vault\u2019s TLS certificate auth method did not initially load the optionally-configured CRL issued by the role\u2019s Certificate Authority (CA) into memory on startup, resulting in the revocation list not being checked if the CRL has not yet been retrieved.", "title": "Vulnerability description" }, { "category": "summary", "text": "vault: insufficient certificate revocation list checking", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41316" }, { "category": "external", "summary": "RHBZ#2135339", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135339" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41316", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41316" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41316", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41316" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2022-24-vaults-tls-cert-auth-method-only-loaded-crl-after-first-request/45483", "url": "https://discuss.hashicorp.com/t/hcsec-2022-24-vaults-tls-cert-auth-method-only-loaded-crl-after-first-request/45483" } ], "release_date": "2022-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "vault: insufficient certificate revocation list checking" }, { "acknowledgments": [ { "names": [ "Adam Korczynski" ], "organization": "ADA Logics" }, { "names": [ "OSS-Fuzz" ] } ], "cve": "CVE-2022-41715", "discovery_date": "2022-10-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2132872" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: regexp/syntax: limit memory used by parsing regexps", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41715" }, { "category": "external", "summary": "RHBZ#2132872", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715" }, { "category": "external", "summary": "https://github.com/golang/go/issues/55949", "url": "https://github.com/golang/go/issues/55949" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1", "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1" } ], "release_date": "2022-10-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: regexp/syntax: limit memory used by parsing regexps" }, { "cve": "CVE-2022-41717", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2023-01-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2161274" } ], "notes": [ { "category": "description", "text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests", "title": "Vulnerability summary" }, { "category": "other", "text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41717" }, { "category": "external", "summary": "RHBZ#2161274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717" }, { "category": "external", "summary": "https://go.dev/cl/455635", "url": "https://go.dev/cl/455635" }, { "category": "external", "summary": "https://go.dev/cl/455717", "url": "https://go.dev/cl/455717" }, { "category": "external", "summary": "https://go.dev/issue/56350", "url": "https://go.dev/issue/56350" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2022-1144", "url": "https://pkg.go.dev/vuln/GO-2022-1144" } ], "release_date": "2022-11-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests" }, { "acknowledgments": [ { "names": [ "Philippe Antoine" ], "organization": "Catena Cyber" } ], "cve": "CVE-2022-41723", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-03-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178358" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding", "title": "Vulnerability summary" }, { "category": "other", "text": "Within OpenShift Container Platform, the maximum impact of this vulnerability is a denial of service against an individual container so the impact could not cascade across the entire infrastructure, this vulnerability is rated Moderate impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41723" }, { "category": "external", "summary": "RHBZ#2178358", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41723", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41723" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", "url": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h" }, { "category": "external", "summary": "https://go.dev/cl/468135", "url": "https://go.dev/cl/468135" }, { "category": "external", "summary": "https://go.dev/cl/468295", "url": "https://go.dev/cl/468295" }, { "category": "external", "summary": "https://go.dev/issue/57855", "url": "https://go.dev/issue/57855" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2023-1571", "url": "https://pkg.go.dev/vuln/GO-2023-1571" }, { "category": "external", "summary": "https://vuln.go.dev/ID/GO-2023-1571.json", "url": "https://vuln.go.dev/ID/GO-2023-1571.json" } ], "release_date": "2023-02-17T14:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding" }, { "cve": "CVE-2022-41724", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-03-15T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178492" } ], "notes": [ { "category": "description", "text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: crypto/tls: large handshake records may cause panics", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity for a denial of service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41724" }, { "category": "external", "summary": "RHBZ#2178492", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41724", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41724" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724" }, { "category": "external", "summary": "https://go.dev/cl/468125", "url": "https://go.dev/cl/468125" }, { "category": "external", "summary": "https://go.dev/issue/58001", "url": "https://go.dev/issue/58001" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2023-1570", "url": "https://pkg.go.dev/vuln/GO-2023-1570" } ], "release_date": "2023-02-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: crypto/tls: large handshake records may cause panics" }, { "cve": "CVE-2022-41725", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-03-15T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178488" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http, mime/multipart: denial of service from excessive resource consumption", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41725" }, { "category": "external", "summary": "RHBZ#2178488", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41725", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41725" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725" }, { "category": "external", "summary": "https://go.dev/cl/468124", "url": "https://go.dev/cl/468124" }, { "category": "external", "summary": "https://go.dev/issue/58006", "url": "https://go.dev/issue/58006" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2023-1569", "url": "https://pkg.go.dev/vuln/GO-2023-1569" } ], "release_date": "2023-02-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http, mime/multipart: denial of service from excessive resource consumption" }, { "cve": "CVE-2022-46175", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156263" } ], "notes": [ { "category": "description", "text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.", "title": "Vulnerability description" }, { "category": "summary", "text": "json5: Prototype Pollution in JSON5 via Parse Method", "title": "Vulnerability summary" }, { "category": "other", "text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46175" }, { "category": "external", "summary": "RHBZ#2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46175" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175" }, { "category": "external", "summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h", "url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h" } ], "release_date": "2022-12-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "json5: Prototype Pollution in JSON5 via Parse Method" }, { "cve": "CVE-2023-0620", "cwe": { "id": "CWE-89", "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)" }, "discovery_date": "2023-04-05T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2184663" } ], "notes": [ { "category": "description", "text": "A flaw was found in HashiCorp Vault and Vault Enterprise, which are vulnerable to SQL injection. This flaw allows a local authenticated attacker to send specially-crafted SQL statements to the Microsoft SQL (MSSQL) Database Storage Backend, which could allow the attacker to view, add, modify, or delete information in the backend database.", "title": "Vulnerability description" }, { "category": "summary", "text": "vault: Vault\u2019s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0620" }, { "category": "external", "summary": "RHBZ#2184663", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184663" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0620", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0620" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0620", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0620" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2023-12-vault-s-microsoft-sql-database-storage-backend-vulnerable-to-sql-injection-via-configuration-file/52080", "url": "https://discuss.hashicorp.com/t/hcsec-2023-12-vault-s-microsoft-sql-database-storage-backend-vulnerable-to-sql-injection-via-configuration-file/52080" } ], "release_date": "2023-03-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "vault: Vault\u2019s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File" }, { "cve": "CVE-2023-0665", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "discovery_date": "2023-03-30T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2182981" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Hashicorp vault. Vault\u2019s PKI mount issuer endpoints did not correctly authorize access to remove an issuer or modify issuer metadata, potentially resulting in a denial of service of the PKI mount. This bug did not affect public or private key material, trust chains, or certificate issuance.", "title": "Vulnerability description" }, { "category": "summary", "text": "hashicorp/vault: Vault\u2019s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0665" }, { "category": "external", "summary": "RHBZ#2182981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182981" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0665", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0665" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0665", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0665" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2023-11-vault-s-pki-issuer-endpoint-did-not-correctly-authorize-access-to-issuer-metadata/52079/1", "url": "https://discuss.hashicorp.com/t/hcsec-2023-11-vault-s-pki-issuer-endpoint-did-not-correctly-authorize-access-to-issuer-metadata/52079/1" } ], "release_date": "2023-03-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hashicorp/vault: Vault\u2019s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata" }, { "cve": "CVE-2023-24999", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "discovery_date": "2023-03-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2177844" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Hashicorp vault. When using the Vault and Vault Enterprise approle auth method, any authenticated user with access to the /auth/approle/role/:role_name/secret-id-accessor/destroy endpoint can destroy the secret ID of another role by providing the secret ID accessor.", "title": "Vulnerability description" }, { "category": "summary", "text": "Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-24999" }, { "category": "external", "summary": "RHBZ#2177844", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177844" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2023-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24999" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2023-07-vault-fails-to-verify-if-approle-secretid-belongs-to-role-during-a-destroy-operation/51305", "url": "https://discuss.hashicorp.com/t/hcsec-2023-07-vault-fails-to-verify-if-approle-secretid-belongs-to-role-during-a-destroy-operation/51305" } ], "release_date": "2023-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation" }, { "cve": "CVE-2023-25000", "cwe": { "id": "CWE-208", "name": "Observable Timing Discrepancy" }, "discovery_date": "2023-03-30T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2182972" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Hashicorp vault. This flaw allows an attacker with access to and the ability to observe a large number of unseal operations on the host through a side channel to reduce the search space of a brute-force effort to recover the Shamir shares.", "title": "Vulnerability description" }, { "category": "summary", "text": "hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25000" }, { "category": "external", "summary": "RHBZ#2182972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25000", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25000" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25000", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25000" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2023-10-vault-vulnerable-to-cache-timing-attacks-during-seal-and-unseal-operations/52078", "url": "https://discuss.hashicorp.com/t/hcsec-2023-10-vault-vulnerable-to-cache-timing-attacks-during-seal-and-unseal-operations/52078" } ], "release_date": "2023-03-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations" } ] }
rhsa-2023_7820
Vulnerability from csaf_redhat
Published
2023-12-14 06:09
Modified
2024-11-11 04:44
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.10 Bug Fix Update
Notes
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.10 on Red Hat Enterprise Linux 8 from Red Hat Container Registry.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3-compatible API.
All users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.10 on Red Hat Enterprise Linux 8 from Red Hat Container Registry.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3-compatible API.\n\nAll users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:7820", "url": "https://access.redhat.com/errata/RHSA-2023:7820" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2126299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126299" }, { "category": "external", "summary": "2244765", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244765" }, { "category": "external", "summary": "2246334", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246334" }, { "category": "external", "summary": "2247112", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247112" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7820.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.10 Bug Fix Update", "tracking": { "current_release_date": "2024-11-11T04:44:49+00:00", "generator": { "date": "2024-11-11T04:44:49+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2023:7820", "initial_release_date": "2023-12-14T06:09:09+00:00", "revision_history": [ { "date": "2023-12-14T06:09:09+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-12-14T06:09:09+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-11T04:44:49+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHODF 4.12 for RHEL 8", "product": { "name": "RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_data_foundation:4.12::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Data Foundation" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel8@sha256:9f4cb5a11dfa61981c6dadd991d3e90e9ca8e2cad5faed24d5f15fe940f05227_amd64", "product": { "name": "odf4/cephcsi-rhel8@sha256:9f4cb5a11dfa61981c6dadd991d3e90e9ca8e2cad5faed24d5f15fe940f05227_amd64", "product_id": "odf4/cephcsi-rhel8@sha256:9f4cb5a11dfa61981c6dadd991d3e90e9ca8e2cad5faed24d5f15fe940f05227_amd64", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel8@sha256:9f4cb5a11dfa61981c6dadd991d3e90e9ca8e2cad5faed24d5f15fe940f05227?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel8@sha256:44da9b1743a5462240da1dd26217a41c9f0c56355d1e4c9f568db08b59be3072_amd64", "product": { "name": "odf4/mcg-core-rhel8@sha256:44da9b1743a5462240da1dd26217a41c9f0c56355d1e4c9f568db08b59be3072_amd64", "product_id": "odf4/mcg-core-rhel8@sha256:44da9b1743a5462240da1dd26217a41c9f0c56355d1e4c9f568db08b59be3072_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel8@sha256:44da9b1743a5462240da1dd26217a41c9f0c56355d1e4c9f568db08b59be3072?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:11d39cdbab29d92bec64010995279f05a83d99cb55965b9f6d057ff8a43da75e_amd64", "product": { "name": "odf4/mcg-operator-bundle@sha256:11d39cdbab29d92bec64010995279f05a83d99cb55965b9f6d057ff8a43da75e_amd64", "product_id": "odf4/mcg-operator-bundle@sha256:11d39cdbab29d92bec64010995279f05a83d99cb55965b9f6d057ff8a43da75e_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:11d39cdbab29d92bec64010995279f05a83d99cb55965b9f6d057ff8a43da75e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/mcg-rhel8-operator@sha256:e95907b1a04b7f59bdb8e7e7a4cbfa996079485288aa9fe10b7148a832b10951_amd64", "product": { "name": "odf4/mcg-rhel8-operator@sha256:e95907b1a04b7f59bdb8e7e7a4cbfa996079485288aa9fe10b7148a832b10951_amd64", "product_id": "odf4/mcg-rhel8-operator@sha256:e95907b1a04b7f59bdb8e7e7a4cbfa996079485288aa9fe10b7148a832b10951_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel8-operator@sha256:e95907b1a04b7f59bdb8e7e7a4cbfa996079485288aa9fe10b7148a832b10951?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:fc75b551c40cdaa9341d376ff7f864d5f9181bcb980923325fa7432e7063a13f_amd64", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:fc75b551c40cdaa9341d376ff7f864d5f9181bcb980923325fa7432e7063a13f_amd64", "product_id": "odf4/ocs-client-operator-bundle@sha256:fc75b551c40cdaa9341d376ff7f864d5f9181bcb980923325fa7432e7063a13f_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:fc75b551c40cdaa9341d376ff7f864d5f9181bcb980923325fa7432e7063a13f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel8-operator@sha256:adc09956f55af7e021e3569d0291b3fc7fb3165eb665d41c9169f4b1d1011ecc_amd64", "product": { "name": "odf4/ocs-client-rhel8-operator@sha256:adc09956f55af7e021e3569d0291b3fc7fb3165eb665d41c9169f4b1d1011ecc_amd64", "product_id": "odf4/ocs-client-rhel8-operator@sha256:adc09956f55af7e021e3569d0291b3fc7fb3165eb665d41c9169f4b1d1011ecc_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel8-operator@sha256:adc09956f55af7e021e3569d0291b3fc7fb3165eb665d41c9169f4b1d1011ecc?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel8@sha256:1d330903fd2a458e81159eedb3e97e76fe4eb83ed71237c8753ec2489a929b41_amd64", "product": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:1d330903fd2a458e81159eedb3e97e76fe4eb83ed71237c8753ec2489a929b41_amd64", "product_id": "odf4/ocs-metrics-exporter-rhel8@sha256:1d330903fd2a458e81159eedb3e97e76fe4eb83ed71237c8753ec2489a929b41_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel8@sha256:1d330903fd2a458e81159eedb3e97e76fe4eb83ed71237c8753ec2489a929b41?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/ocs-must-gather-rhel8@sha256:818620ff8d86e41b4c8b183955e983ab08e90a04c2aab5c1ebbce8d241bdbd1c_amd64", "product": { "name": "odf4/ocs-must-gather-rhel8@sha256:818620ff8d86e41b4c8b183955e983ab08e90a04c2aab5c1ebbce8d241bdbd1c_amd64", "product_id": "odf4/ocs-must-gather-rhel8@sha256:818620ff8d86e41b4c8b183955e983ab08e90a04c2aab5c1ebbce8d241bdbd1c_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:818620ff8d86e41b4c8b183955e983ab08e90a04c2aab5c1ebbce8d241bdbd1c?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:f01081270128adaca2f0305213548b1c3958a16b698473803c2f1b1d678cad1f_amd64", "product": { "name": "odf4/ocs-operator-bundle@sha256:f01081270128adaca2f0305213548b1c3958a16b698473803c2f1b1d678cad1f_amd64", "product_id": "odf4/ocs-operator-bundle@sha256:f01081270128adaca2f0305213548b1c3958a16b698473803c2f1b1d678cad1f_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:f01081270128adaca2f0305213548b1c3958a16b698473803c2f1b1d678cad1f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/ocs-rhel8-operator@sha256:40aa0fd89dfc6ba1744ada546bc778c28ceff4b1ff7c31fb935010804d299d4f_amd64", "product": { "name": "odf4/ocs-rhel8-operator@sha256:40aa0fd89dfc6ba1744ada546bc778c28ceff4b1ff7c31fb935010804d299d4f_amd64", "product_id": "odf4/ocs-rhel8-operator@sha256:40aa0fd89dfc6ba1744ada546bc778c28ceff4b1ff7c31fb935010804d299d4f_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel8-operator@sha256:40aa0fd89dfc6ba1744ada546bc778c28ceff4b1ff7c31fb935010804d299d4f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel8@sha256:c4e2d1cef288d4756c23ec949f75eed26f8d3374d38ec805fae43568a1880cc7_amd64", "product": { "name": "odf4/odf-console-rhel8@sha256:c4e2d1cef288d4756c23ec949f75eed26f8d3374d38ec805fae43568a1880cc7_amd64", "product_id": "odf4/odf-console-rhel8@sha256:c4e2d1cef288d4756c23ec949f75eed26f8d3374d38ec805fae43568a1880cc7_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel8@sha256:c4e2d1cef288d4756c23ec949f75eed26f8d3374d38ec805fae43568a1880cc7?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:524023bc8569230721f9f7526034e7793dd50d03d931a2de910af5affaca4f4f_amd64", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:524023bc8569230721f9f7526034e7793dd50d03d931a2de910af5affaca4f4f_amd64", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:524023bc8569230721f9f7526034e7793dd50d03d931a2de910af5affaca4f4f_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:524023bc8569230721f9f7526034e7793dd50d03d931a2de910af5affaca4f4f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel8-operator@sha256:7e54f2580f21158b97f0337f0f04810b271e1aca6372a4873ee6b73ececc6dd3_amd64", "product": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:7e54f2580f21158b97f0337f0f04810b271e1aca6372a4873ee6b73ececc6dd3_amd64", "product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:7e54f2580f21158b97f0337f0f04810b271e1aca6372a4873ee6b73ececc6dd3_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:7e54f2580f21158b97f0337f0f04810b271e1aca6372a4873ee6b73ececc6dd3?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:815182de80bbdd2060c56998bd5615c0cc6114dab00b217a31642000d4f82455_amd64", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:815182de80bbdd2060c56998bd5615c0cc6114dab00b217a31642000d4f82455_amd64", "product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:815182de80bbdd2060c56998bd5615c0cc6114dab00b217a31642000d4f82455_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:815182de80bbdd2060c56998bd5615c0cc6114dab00b217a31642000d4f82455?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel8@sha256:e66317f4a8a4c71322758f5c358efb264c20f30a6c0d64b20c0671385e4a051d_amd64", "product": { "name": "odf4/odf-multicluster-console-rhel8@sha256:e66317f4a8a4c71322758f5c358efb264c20f30a6c0d64b20c0671385e4a051d_amd64", "product_id": "odf4/odf-multicluster-console-rhel8@sha256:e66317f4a8a4c71322758f5c358efb264c20f30a6c0d64b20c0671385e4a051d_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel8@sha256:e66317f4a8a4c71322758f5c358efb264c20f30a6c0d64b20c0671385e4a051d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:ec8527c4194453ae3fa7fedf9f11eb8e70f46f272736ac8c32e98b822a0a049f_amd64", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:ec8527c4194453ae3fa7fedf9f11eb8e70f46f272736ac8c32e98b822a0a049f_amd64", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:ec8527c4194453ae3fa7fedf9f11eb8e70f46f272736ac8c32e98b822a0a049f_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:ec8527c4194453ae3fa7fedf9f11eb8e70f46f272736ac8c32e98b822a0a049f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel8-operator@sha256:efa747eea65f274f6a5d80f7a56f9c6387a806e3a5563483ba3adca4af36a130_amd64", "product": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:efa747eea65f274f6a5d80f7a56f9c6387a806e3a5563483ba3adca4af36a130_amd64", "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:efa747eea65f274f6a5d80f7a56f9c6387a806e3a5563483ba3adca4af36a130_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:efa747eea65f274f6a5d80f7a56f9c6387a806e3a5563483ba3adca4af36a130?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:513ca9ad731c00974a673e1d7489c60b63d698db26c3389a23690483fc95cde1_amd64", "product": { "name": "odf4/odf-operator-bundle@sha256:513ca9ad731c00974a673e1d7489c60b63d698db26c3389a23690483fc95cde1_amd64", "product_id": "odf4/odf-operator-bundle@sha256:513ca9ad731c00974a673e1d7489c60b63d698db26c3389a23690483fc95cde1_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:513ca9ad731c00974a673e1d7489c60b63d698db26c3389a23690483fc95cde1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odf-rhel8-operator@sha256:6a5d45c0c5d74cbcb406ecf1cd7a369b827fc64d08d3d213a53a9d41e9a14a17_amd64", "product": { "name": "odf4/odf-rhel8-operator@sha256:6a5d45c0c5d74cbcb406ecf1cd7a369b827fc64d08d3d213a53a9d41e9a14a17_amd64", "product_id": "odf4/odf-rhel8-operator@sha256:6a5d45c0c5d74cbcb406ecf1cd7a369b827fc64d08d3d213a53a9d41e9a14a17_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-rhel8-operator@sha256:6a5d45c0c5d74cbcb406ecf1cd7a369b827fc64d08d3d213a53a9d41e9a14a17?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:f9f0ac32f276f04b8b1ac2c158f0d5c2f4873d3166a4e762e4e04561fa401370_amd64", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:f9f0ac32f276f04b8b1ac2c158f0d5c2f4873d3166a4e762e4e04561fa401370_amd64", "product_id": "odf4/odr-cluster-operator-bundle@sha256:f9f0ac32f276f04b8b1ac2c158f0d5c2f4873d3166a4e762e4e04561fa401370_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:f9f0ac32f276f04b8b1ac2c158f0d5c2f4873d3166a4e762e4e04561fa401370?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:fa2b5dd7db7bc0244660d7b4f95a2c06a6fd12a35f1e66449b85ac628cf960b2_amd64", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:fa2b5dd7db7bc0244660d7b4f95a2c06a6fd12a35f1e66449b85ac628cf960b2_amd64", "product_id": "odf4/odr-hub-operator-bundle@sha256:fa2b5dd7db7bc0244660d7b4f95a2c06a6fd12a35f1e66449b85ac628cf960b2_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:fa2b5dd7db7bc0244660d7b4f95a2c06a6fd12a35f1e66449b85ac628cf960b2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odr-rhel8-operator@sha256:deeb1422b359205583435060b077931bcf0bf2c058caffefc27963969a370170_amd64", "product": { "name": "odf4/odr-rhel8-operator@sha256:deeb1422b359205583435060b077931bcf0bf2c058caffefc27963969a370170_amd64", "product_id": "odf4/odr-rhel8-operator@sha256:deeb1422b359205583435060b077931bcf0bf2c058caffefc27963969a370170_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-rhel8-operator@sha256:deeb1422b359205583435060b077931bcf0bf2c058caffefc27963969a370170?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel8-operator@sha256:1be6b92bc1258d63aaaae0036a6ab99a5223c86b2520deac2c939d3e6332bedd_amd64", "product": { "name": "odf4/rook-ceph-rhel8-operator@sha256:1be6b92bc1258d63aaaae0036a6ab99a5223c86b2520deac2c939d3e6332bedd_amd64", "product_id": "odf4/rook-ceph-rhel8-operator@sha256:1be6b92bc1258d63aaaae0036a6ab99a5223c86b2520deac2c939d3e6332bedd_amd64", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:1be6b92bc1258d63aaaae0036a6ab99a5223c86b2520deac2c939d3e6332bedd?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.12.10-1" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel8@sha256:59fa82c420af8e3f8dd1695b121eb64c59f76f803770c59fd5c9025a64032663_ppc64le", "product": { "name": "odf4/cephcsi-rhel8@sha256:59fa82c420af8e3f8dd1695b121eb64c59f76f803770c59fd5c9025a64032663_ppc64le", "product_id": "odf4/cephcsi-rhel8@sha256:59fa82c420af8e3f8dd1695b121eb64c59f76f803770c59fd5c9025a64032663_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel8@sha256:59fa82c420af8e3f8dd1695b121eb64c59f76f803770c59fd5c9025a64032663?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel8@sha256:5badaef19e5c3db4aae1a050212fe7e11e2ffdd9b232da5427b03fa075a1bcb8_ppc64le", "product": { "name": "odf4/mcg-core-rhel8@sha256:5badaef19e5c3db4aae1a050212fe7e11e2ffdd9b232da5427b03fa075a1bcb8_ppc64le", "product_id": "odf4/mcg-core-rhel8@sha256:5badaef19e5c3db4aae1a050212fe7e11e2ffdd9b232da5427b03fa075a1bcb8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel8@sha256:5badaef19e5c3db4aae1a050212fe7e11e2ffdd9b232da5427b03fa075a1bcb8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:b21ba1915554201c5ef43abb66eac13482593fe31ce05a72cf909e4f385f5daf_ppc64le", "product": { "name": "odf4/mcg-operator-bundle@sha256:b21ba1915554201c5ef43abb66eac13482593fe31ce05a72cf909e4f385f5daf_ppc64le", "product_id": "odf4/mcg-operator-bundle@sha256:b21ba1915554201c5ef43abb66eac13482593fe31ce05a72cf909e4f385f5daf_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:b21ba1915554201c5ef43abb66eac13482593fe31ce05a72cf909e4f385f5daf?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/mcg-rhel8-operator@sha256:78aa0073d7959991ce47558ae58a51966d237953acdce97e3118d108f0c398e8_ppc64le", "product": { "name": "odf4/mcg-rhel8-operator@sha256:78aa0073d7959991ce47558ae58a51966d237953acdce97e3118d108f0c398e8_ppc64le", "product_id": "odf4/mcg-rhel8-operator@sha256:78aa0073d7959991ce47558ae58a51966d237953acdce97e3118d108f0c398e8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel8-operator@sha256:78aa0073d7959991ce47558ae58a51966d237953acdce97e3118d108f0c398e8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:fbcd8ca8bf948eb61168513d162ed8ae0fc15583131984981d395dbed1df613c_ppc64le", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:fbcd8ca8bf948eb61168513d162ed8ae0fc15583131984981d395dbed1df613c_ppc64le", "product_id": "odf4/ocs-client-operator-bundle@sha256:fbcd8ca8bf948eb61168513d162ed8ae0fc15583131984981d395dbed1df613c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:fbcd8ca8bf948eb61168513d162ed8ae0fc15583131984981d395dbed1df613c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel8-operator@sha256:9cf0c0be2573f66f3c8324edbba9cea51e003d97bf9582be3aced5ff0d9a743c_ppc64le", "product": { "name": "odf4/ocs-client-rhel8-operator@sha256:9cf0c0be2573f66f3c8324edbba9cea51e003d97bf9582be3aced5ff0d9a743c_ppc64le", "product_id": "odf4/ocs-client-rhel8-operator@sha256:9cf0c0be2573f66f3c8324edbba9cea51e003d97bf9582be3aced5ff0d9a743c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel8-operator@sha256:9cf0c0be2573f66f3c8324edbba9cea51e003d97bf9582be3aced5ff0d9a743c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel8@sha256:b527a1f2013d7af593ce1611eaa6c091370b80b3612638204ab6bc061d731dc0_ppc64le", "product": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:b527a1f2013d7af593ce1611eaa6c091370b80b3612638204ab6bc061d731dc0_ppc64le", "product_id": "odf4/ocs-metrics-exporter-rhel8@sha256:b527a1f2013d7af593ce1611eaa6c091370b80b3612638204ab6bc061d731dc0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel8@sha256:b527a1f2013d7af593ce1611eaa6c091370b80b3612638204ab6bc061d731dc0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/ocs-must-gather-rhel8@sha256:4e14d564a967f545ba76d0965f1f60da2c49284e5fddfed2b21972012dc6c7c1_ppc64le", "product": { "name": "odf4/ocs-must-gather-rhel8@sha256:4e14d564a967f545ba76d0965f1f60da2c49284e5fddfed2b21972012dc6c7c1_ppc64le", "product_id": "odf4/ocs-must-gather-rhel8@sha256:4e14d564a967f545ba76d0965f1f60da2c49284e5fddfed2b21972012dc6c7c1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:4e14d564a967f545ba76d0965f1f60da2c49284e5fddfed2b21972012dc6c7c1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:bcb41572adbe0bef128b29ed9541a2f46730b80e8cb178d47b1c3ee0dbf89b46_ppc64le", "product": { "name": "odf4/ocs-operator-bundle@sha256:bcb41572adbe0bef128b29ed9541a2f46730b80e8cb178d47b1c3ee0dbf89b46_ppc64le", "product_id": "odf4/ocs-operator-bundle@sha256:bcb41572adbe0bef128b29ed9541a2f46730b80e8cb178d47b1c3ee0dbf89b46_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:bcb41572adbe0bef128b29ed9541a2f46730b80e8cb178d47b1c3ee0dbf89b46?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/ocs-rhel8-operator@sha256:fc75d7525aa3b9e12cf14ecbd99d79c070b3ff4417afdca014e6de70203a9d99_ppc64le", "product": { "name": "odf4/ocs-rhel8-operator@sha256:fc75d7525aa3b9e12cf14ecbd99d79c070b3ff4417afdca014e6de70203a9d99_ppc64le", "product_id": "odf4/ocs-rhel8-operator@sha256:fc75d7525aa3b9e12cf14ecbd99d79c070b3ff4417afdca014e6de70203a9d99_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel8-operator@sha256:fc75d7525aa3b9e12cf14ecbd99d79c070b3ff4417afdca014e6de70203a9d99?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel8@sha256:6029aded51d62d9ca0104cc59754f6349c5e70cf7846c6ac94470715e491a003_ppc64le", "product": { "name": "odf4/odf-console-rhel8@sha256:6029aded51d62d9ca0104cc59754f6349c5e70cf7846c6ac94470715e491a003_ppc64le", "product_id": "odf4/odf-console-rhel8@sha256:6029aded51d62d9ca0104cc59754f6349c5e70cf7846c6ac94470715e491a003_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel8@sha256:6029aded51d62d9ca0104cc59754f6349c5e70cf7846c6ac94470715e491a003?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:0f33b6e8f7022b09dfeb92926783d39f3635325d4a36f82ae534cfae8c7b0a3b_ppc64le", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:0f33b6e8f7022b09dfeb92926783d39f3635325d4a36f82ae534cfae8c7b0a3b_ppc64le", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:0f33b6e8f7022b09dfeb92926783d39f3635325d4a36f82ae534cfae8c7b0a3b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:0f33b6e8f7022b09dfeb92926783d39f3635325d4a36f82ae534cfae8c7b0a3b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel8-operator@sha256:50957f5abc4e913bce3a59cb41f9ac8186d876b11a7417c65eeeea829953a66e_ppc64le", "product": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:50957f5abc4e913bce3a59cb41f9ac8186d876b11a7417c65eeeea829953a66e_ppc64le", "product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:50957f5abc4e913bce3a59cb41f9ac8186d876b11a7417c65eeeea829953a66e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:50957f5abc4e913bce3a59cb41f9ac8186d876b11a7417c65eeeea829953a66e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:99213f9f76cd01eeca7e8c53a81a4a72ad3a64906a276df3990872f776c1019f_ppc64le", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:99213f9f76cd01eeca7e8c53a81a4a72ad3a64906a276df3990872f776c1019f_ppc64le", "product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:99213f9f76cd01eeca7e8c53a81a4a72ad3a64906a276df3990872f776c1019f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:99213f9f76cd01eeca7e8c53a81a4a72ad3a64906a276df3990872f776c1019f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel8@sha256:14c2c8f9467a5b51ea37911e52d007a3b0b7e921436acfa0797e432ee222cc6b_ppc64le", "product": { "name": "odf4/odf-multicluster-console-rhel8@sha256:14c2c8f9467a5b51ea37911e52d007a3b0b7e921436acfa0797e432ee222cc6b_ppc64le", "product_id": "odf4/odf-multicluster-console-rhel8@sha256:14c2c8f9467a5b51ea37911e52d007a3b0b7e921436acfa0797e432ee222cc6b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel8@sha256:14c2c8f9467a5b51ea37911e52d007a3b0b7e921436acfa0797e432ee222cc6b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:d1a072978417714d1917368baf27045b9922987f5c54a9f30ba473e73c913fce_ppc64le", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:d1a072978417714d1917368baf27045b9922987f5c54a9f30ba473e73c913fce_ppc64le", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:d1a072978417714d1917368baf27045b9922987f5c54a9f30ba473e73c913fce_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:d1a072978417714d1917368baf27045b9922987f5c54a9f30ba473e73c913fce?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel8-operator@sha256:96efdffd9c3f43d1cbed3468b6d4882e1e7a78f1aaca495c0e28e8cbbf71e540_ppc64le", "product": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:96efdffd9c3f43d1cbed3468b6d4882e1e7a78f1aaca495c0e28e8cbbf71e540_ppc64le", "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:96efdffd9c3f43d1cbed3468b6d4882e1e7a78f1aaca495c0e28e8cbbf71e540_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:96efdffd9c3f43d1cbed3468b6d4882e1e7a78f1aaca495c0e28e8cbbf71e540?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:a28d1908375442b6e8ef009b40a8ff9a16653c7948455f43afe74fe06a505518_ppc64le", "product": { "name": "odf4/odf-operator-bundle@sha256:a28d1908375442b6e8ef009b40a8ff9a16653c7948455f43afe74fe06a505518_ppc64le", "product_id": "odf4/odf-operator-bundle@sha256:a28d1908375442b6e8ef009b40a8ff9a16653c7948455f43afe74fe06a505518_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:a28d1908375442b6e8ef009b40a8ff9a16653c7948455f43afe74fe06a505518?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odf-rhel8-operator@sha256:923c511cfdfd1fe1ceb47d627355bd8fa1cbfb30afb4d7b5b6f2cb2505c862ac_ppc64le", "product": { "name": "odf4/odf-rhel8-operator@sha256:923c511cfdfd1fe1ceb47d627355bd8fa1cbfb30afb4d7b5b6f2cb2505c862ac_ppc64le", "product_id": "odf4/odf-rhel8-operator@sha256:923c511cfdfd1fe1ceb47d627355bd8fa1cbfb30afb4d7b5b6f2cb2505c862ac_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-rhel8-operator@sha256:923c511cfdfd1fe1ceb47d627355bd8fa1cbfb30afb4d7b5b6f2cb2505c862ac?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:fbf5a432e4dd07cf5a3e115679fcebd5e8e6f8070de50b147f04a947bf107ccf_ppc64le", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:fbf5a432e4dd07cf5a3e115679fcebd5e8e6f8070de50b147f04a947bf107ccf_ppc64le", "product_id": "odf4/odr-cluster-operator-bundle@sha256:fbf5a432e4dd07cf5a3e115679fcebd5e8e6f8070de50b147f04a947bf107ccf_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:fbf5a432e4dd07cf5a3e115679fcebd5e8e6f8070de50b147f04a947bf107ccf?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:d4976746183e773fa777de5ae25f1753c7b1fd137bd88b7cc54af485af1cabc7_ppc64le", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:d4976746183e773fa777de5ae25f1753c7b1fd137bd88b7cc54af485af1cabc7_ppc64le", "product_id": "odf4/odr-hub-operator-bundle@sha256:d4976746183e773fa777de5ae25f1753c7b1fd137bd88b7cc54af485af1cabc7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:d4976746183e773fa777de5ae25f1753c7b1fd137bd88b7cc54af485af1cabc7?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odr-rhel8-operator@sha256:31c71fd8876661f6d2cb124aa9b090c445701b6f1ecb63d07dc0cdd462338c72_ppc64le", "product": { "name": "odf4/odr-rhel8-operator@sha256:31c71fd8876661f6d2cb124aa9b090c445701b6f1ecb63d07dc0cdd462338c72_ppc64le", "product_id": "odf4/odr-rhel8-operator@sha256:31c71fd8876661f6d2cb124aa9b090c445701b6f1ecb63d07dc0cdd462338c72_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-rhel8-operator@sha256:31c71fd8876661f6d2cb124aa9b090c445701b6f1ecb63d07dc0cdd462338c72?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel8-operator@sha256:02fdf30836dd523a00d4953e3ecd742e557d8665b555fd4ea676aa042d023de9_ppc64le", "product": { "name": "odf4/rook-ceph-rhel8-operator@sha256:02fdf30836dd523a00d4953e3ecd742e557d8665b555fd4ea676aa042d023de9_ppc64le", "product_id": "odf4/rook-ceph-rhel8-operator@sha256:02fdf30836dd523a00d4953e3ecd742e557d8665b555fd4ea676aa042d023de9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:02fdf30836dd523a00d4953e3ecd742e557d8665b555fd4ea676aa042d023de9?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.12.10-1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel8@sha256:c4748e43addf26e45b55f83d880fc82a9e1bb22e37e3b2e7f0f1348292740641_s390x", "product": { "name": "odf4/cephcsi-rhel8@sha256:c4748e43addf26e45b55f83d880fc82a9e1bb22e37e3b2e7f0f1348292740641_s390x", "product_id": "odf4/cephcsi-rhel8@sha256:c4748e43addf26e45b55f83d880fc82a9e1bb22e37e3b2e7f0f1348292740641_s390x", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel8@sha256:c4748e43addf26e45b55f83d880fc82a9e1bb22e37e3b2e7f0f1348292740641?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel8@sha256:392340e4fd5a34c5e7daec8cb03bfd8ee256cc44a5358fab9aa598a5e6b23efb_s390x", "product": { "name": "odf4/mcg-core-rhel8@sha256:392340e4fd5a34c5e7daec8cb03bfd8ee256cc44a5358fab9aa598a5e6b23efb_s390x", "product_id": "odf4/mcg-core-rhel8@sha256:392340e4fd5a34c5e7daec8cb03bfd8ee256cc44a5358fab9aa598a5e6b23efb_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel8@sha256:392340e4fd5a34c5e7daec8cb03bfd8ee256cc44a5358fab9aa598a5e6b23efb?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:a80f396cd90b7118d6eb065a6d47969bf77386419559531c59ad8c025af89f9b_s390x", "product": { "name": "odf4/mcg-operator-bundle@sha256:a80f396cd90b7118d6eb065a6d47969bf77386419559531c59ad8c025af89f9b_s390x", "product_id": "odf4/mcg-operator-bundle@sha256:a80f396cd90b7118d6eb065a6d47969bf77386419559531c59ad8c025af89f9b_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:a80f396cd90b7118d6eb065a6d47969bf77386419559531c59ad8c025af89f9b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/mcg-rhel8-operator@sha256:606eaed06a442f11481538e980bf3a78db7f788f8008c410e49de6f8dcf2feb3_s390x", "product": { "name": "odf4/mcg-rhel8-operator@sha256:606eaed06a442f11481538e980bf3a78db7f788f8008c410e49de6f8dcf2feb3_s390x", "product_id": "odf4/mcg-rhel8-operator@sha256:606eaed06a442f11481538e980bf3a78db7f788f8008c410e49de6f8dcf2feb3_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel8-operator@sha256:606eaed06a442f11481538e980bf3a78db7f788f8008c410e49de6f8dcf2feb3?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:64fd66b088db2e61330c1d9fe3e51ab1136814855987dabf3087e20948ef9718_s390x", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:64fd66b088db2e61330c1d9fe3e51ab1136814855987dabf3087e20948ef9718_s390x", "product_id": "odf4/ocs-client-operator-bundle@sha256:64fd66b088db2e61330c1d9fe3e51ab1136814855987dabf3087e20948ef9718_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:64fd66b088db2e61330c1d9fe3e51ab1136814855987dabf3087e20948ef9718?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel8-operator@sha256:f9acde458aa1cad7e8e20f9d29600c4e157ee9abef94fdab44a3e18389b7ddf6_s390x", "product": { "name": "odf4/ocs-client-rhel8-operator@sha256:f9acde458aa1cad7e8e20f9d29600c4e157ee9abef94fdab44a3e18389b7ddf6_s390x", "product_id": "odf4/ocs-client-rhel8-operator@sha256:f9acde458aa1cad7e8e20f9d29600c4e157ee9abef94fdab44a3e18389b7ddf6_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel8-operator@sha256:f9acde458aa1cad7e8e20f9d29600c4e157ee9abef94fdab44a3e18389b7ddf6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel8@sha256:3cf36e925f9661565fdfb3ffbf1443ef432788cba4cb6374f2d1b2120b94171b_s390x", "product": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:3cf36e925f9661565fdfb3ffbf1443ef432788cba4cb6374f2d1b2120b94171b_s390x", "product_id": "odf4/ocs-metrics-exporter-rhel8@sha256:3cf36e925f9661565fdfb3ffbf1443ef432788cba4cb6374f2d1b2120b94171b_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel8@sha256:3cf36e925f9661565fdfb3ffbf1443ef432788cba4cb6374f2d1b2120b94171b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/ocs-must-gather-rhel8@sha256:236b118b12fbd84139b4a4bd1b11577fb3b4defdda8f81410aa9d3d94d091dbb_s390x", "product": { "name": "odf4/ocs-must-gather-rhel8@sha256:236b118b12fbd84139b4a4bd1b11577fb3b4defdda8f81410aa9d3d94d091dbb_s390x", "product_id": "odf4/ocs-must-gather-rhel8@sha256:236b118b12fbd84139b4a4bd1b11577fb3b4defdda8f81410aa9d3d94d091dbb_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:236b118b12fbd84139b4a4bd1b11577fb3b4defdda8f81410aa9d3d94d091dbb?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:747dfd6f76eacea2f2d947e4d8130ce0b0122f9cd932f4c64854d0ce164eef27_s390x", "product": { "name": "odf4/ocs-operator-bundle@sha256:747dfd6f76eacea2f2d947e4d8130ce0b0122f9cd932f4c64854d0ce164eef27_s390x", "product_id": "odf4/ocs-operator-bundle@sha256:747dfd6f76eacea2f2d947e4d8130ce0b0122f9cd932f4c64854d0ce164eef27_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:747dfd6f76eacea2f2d947e4d8130ce0b0122f9cd932f4c64854d0ce164eef27?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/ocs-rhel8-operator@sha256:7911982f807eda446a87a477ec75ec1d0908303c1c851ba717963c3ae64f2f9d_s390x", "product": { "name": "odf4/ocs-rhel8-operator@sha256:7911982f807eda446a87a477ec75ec1d0908303c1c851ba717963c3ae64f2f9d_s390x", "product_id": "odf4/ocs-rhel8-operator@sha256:7911982f807eda446a87a477ec75ec1d0908303c1c851ba717963c3ae64f2f9d_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel8-operator@sha256:7911982f807eda446a87a477ec75ec1d0908303c1c851ba717963c3ae64f2f9d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel8@sha256:dca1df957b61491aa2964606f443a127a0d6afc500ad3c3d24c9178821b81c8c_s390x", "product": { "name": "odf4/odf-console-rhel8@sha256:dca1df957b61491aa2964606f443a127a0d6afc500ad3c3d24c9178821b81c8c_s390x", "product_id": "odf4/odf-console-rhel8@sha256:dca1df957b61491aa2964606f443a127a0d6afc500ad3c3d24c9178821b81c8c_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel8@sha256:dca1df957b61491aa2964606f443a127a0d6afc500ad3c3d24c9178821b81c8c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:ab492146266cce67917cbed2f5bc1266c895f4f863790a487d5a4295b0805896_s390x", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:ab492146266cce67917cbed2f5bc1266c895f4f863790a487d5a4295b0805896_s390x", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:ab492146266cce67917cbed2f5bc1266c895f4f863790a487d5a4295b0805896_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:ab492146266cce67917cbed2f5bc1266c895f4f863790a487d5a4295b0805896?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel8-operator@sha256:00ee14dc29e19896966cc83c2b9ecf8ef0adace88784e836e14941c4c715c2af_s390x", "product": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:00ee14dc29e19896966cc83c2b9ecf8ef0adace88784e836e14941c4c715c2af_s390x", "product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:00ee14dc29e19896966cc83c2b9ecf8ef0adace88784e836e14941c4c715c2af_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:00ee14dc29e19896966cc83c2b9ecf8ef0adace88784e836e14941c4c715c2af?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:949e9256a096c2ce8a9423b0e5b43b437edf2afcea4562ce1fd70ad89dbfb3aa_s390x", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:949e9256a096c2ce8a9423b0e5b43b437edf2afcea4562ce1fd70ad89dbfb3aa_s390x", "product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:949e9256a096c2ce8a9423b0e5b43b437edf2afcea4562ce1fd70ad89dbfb3aa_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:949e9256a096c2ce8a9423b0e5b43b437edf2afcea4562ce1fd70ad89dbfb3aa?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel8@sha256:8fc8649474dea8d569636414cf1d4546c7ae8d7f1600f678ea5702cf20251127_s390x", "product": { "name": "odf4/odf-multicluster-console-rhel8@sha256:8fc8649474dea8d569636414cf1d4546c7ae8d7f1600f678ea5702cf20251127_s390x", "product_id": "odf4/odf-multicluster-console-rhel8@sha256:8fc8649474dea8d569636414cf1d4546c7ae8d7f1600f678ea5702cf20251127_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel8@sha256:8fc8649474dea8d569636414cf1d4546c7ae8d7f1600f678ea5702cf20251127?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel8\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:4e97d3e07ad45206bc348682f3ee7c3dedc084f452394b5edcd8791b820293cd_s390x", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:4e97d3e07ad45206bc348682f3ee7c3dedc084f452394b5edcd8791b820293cd_s390x", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:4e97d3e07ad45206bc348682f3ee7c3dedc084f452394b5edcd8791b820293cd_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:4e97d3e07ad45206bc348682f3ee7c3dedc084f452394b5edcd8791b820293cd?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel8-operator@sha256:27120e653977f168ae971f251c56d7d81243d6af69ab4ef18dce6c5546dd9641_s390x", "product": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:27120e653977f168ae971f251c56d7d81243d6af69ab4ef18dce6c5546dd9641_s390x", "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:27120e653977f168ae971f251c56d7d81243d6af69ab4ef18dce6c5546dd9641_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:27120e653977f168ae971f251c56d7d81243d6af69ab4ef18dce6c5546dd9641?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:d65ee2f23a5589b84b1959bf22660654a28a702eb095241f268fd3fa77224ae6_s390x", "product": { "name": "odf4/odf-operator-bundle@sha256:d65ee2f23a5589b84b1959bf22660654a28a702eb095241f268fd3fa77224ae6_s390x", "product_id": "odf4/odf-operator-bundle@sha256:d65ee2f23a5589b84b1959bf22660654a28a702eb095241f268fd3fa77224ae6_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:d65ee2f23a5589b84b1959bf22660654a28a702eb095241f268fd3fa77224ae6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odf-rhel8-operator@sha256:612d6f2d7d3708ccaf7fb2f2a8088c37192e71e8370565adbf8fb187027527cd_s390x", "product": { "name": "odf4/odf-rhel8-operator@sha256:612d6f2d7d3708ccaf7fb2f2a8088c37192e71e8370565adbf8fb187027527cd_s390x", "product_id": "odf4/odf-rhel8-operator@sha256:612d6f2d7d3708ccaf7fb2f2a8088c37192e71e8370565adbf8fb187027527cd_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-rhel8-operator@sha256:612d6f2d7d3708ccaf7fb2f2a8088c37192e71e8370565adbf8fb187027527cd?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:84dab997597a901ca01d32001eebac23915e5bacd9ab34dc940a48d46b914d68_s390x", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:84dab997597a901ca01d32001eebac23915e5bacd9ab34dc940a48d46b914d68_s390x", "product_id": "odf4/odr-cluster-operator-bundle@sha256:84dab997597a901ca01d32001eebac23915e5bacd9ab34dc940a48d46b914d68_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:84dab997597a901ca01d32001eebac23915e5bacd9ab34dc940a48d46b914d68?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:12264b29008b1787d05c11eae8cfb87cfc3eb328360b76f8ca7517c32a93373b_s390x", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:12264b29008b1787d05c11eae8cfb87cfc3eb328360b76f8ca7517c32a93373b_s390x", "product_id": "odf4/odr-hub-operator-bundle@sha256:12264b29008b1787d05c11eae8cfb87cfc3eb328360b76f8ca7517c32a93373b_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:12264b29008b1787d05c11eae8cfb87cfc3eb328360b76f8ca7517c32a93373b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.12.10-2" } } }, { "category": "product_version", "name": "odf4/odr-rhel8-operator@sha256:d9497c673469dc9dbc9b4a44fc7fa8fcdb7e795309d721660f5baa302f2b6ba9_s390x", "product": { "name": "odf4/odr-rhel8-operator@sha256:d9497c673469dc9dbc9b4a44fc7fa8fcdb7e795309d721660f5baa302f2b6ba9_s390x", "product_id": "odf4/odr-rhel8-operator@sha256:d9497c673469dc9dbc9b4a44fc7fa8fcdb7e795309d721660f5baa302f2b6ba9_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-rhel8-operator@sha256:d9497c673469dc9dbc9b4a44fc7fa8fcdb7e795309d721660f5baa302f2b6ba9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.12.10-1" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel8-operator@sha256:52e0d2321492b43162d0fbd9b219ded55a5445442e8c92f9060d3479ef781bb6_s390x", "product": { "name": "odf4/rook-ceph-rhel8-operator@sha256:52e0d2321492b43162d0fbd9b219ded55a5445442e8c92f9060d3479ef781bb6_s390x", "product_id": "odf4/rook-ceph-rhel8-operator@sha256:52e0d2321492b43162d0fbd9b219ded55a5445442e8c92f9060d3479ef781bb6_s390x", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:52e0d2321492b43162d0fbd9b219ded55a5445442e8c92f9060d3479ef781bb6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.12.10-1" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel8@sha256:59fa82c420af8e3f8dd1695b121eb64c59f76f803770c59fd5c9025a64032663_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:59fa82c420af8e3f8dd1695b121eb64c59f76f803770c59fd5c9025a64032663_ppc64le" }, "product_reference": "odf4/cephcsi-rhel8@sha256:59fa82c420af8e3f8dd1695b121eb64c59f76f803770c59fd5c9025a64032663_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel8@sha256:9f4cb5a11dfa61981c6dadd991d3e90e9ca8e2cad5faed24d5f15fe940f05227_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:9f4cb5a11dfa61981c6dadd991d3e90e9ca8e2cad5faed24d5f15fe940f05227_amd64" }, "product_reference": "odf4/cephcsi-rhel8@sha256:9f4cb5a11dfa61981c6dadd991d3e90e9ca8e2cad5faed24d5f15fe940f05227_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel8@sha256:c4748e43addf26e45b55f83d880fc82a9e1bb22e37e3b2e7f0f1348292740641_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:c4748e43addf26e45b55f83d880fc82a9e1bb22e37e3b2e7f0f1348292740641_s390x" }, "product_reference": "odf4/cephcsi-rhel8@sha256:c4748e43addf26e45b55f83d880fc82a9e1bb22e37e3b2e7f0f1348292740641_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel8@sha256:392340e4fd5a34c5e7daec8cb03bfd8ee256cc44a5358fab9aa598a5e6b23efb_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:392340e4fd5a34c5e7daec8cb03bfd8ee256cc44a5358fab9aa598a5e6b23efb_s390x" }, "product_reference": "odf4/mcg-core-rhel8@sha256:392340e4fd5a34c5e7daec8cb03bfd8ee256cc44a5358fab9aa598a5e6b23efb_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel8@sha256:44da9b1743a5462240da1dd26217a41c9f0c56355d1e4c9f568db08b59be3072_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:44da9b1743a5462240da1dd26217a41c9f0c56355d1e4c9f568db08b59be3072_amd64" }, "product_reference": "odf4/mcg-core-rhel8@sha256:44da9b1743a5462240da1dd26217a41c9f0c56355d1e4c9f568db08b59be3072_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel8@sha256:5badaef19e5c3db4aae1a050212fe7e11e2ffdd9b232da5427b03fa075a1bcb8_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5badaef19e5c3db4aae1a050212fe7e11e2ffdd9b232da5427b03fa075a1bcb8_ppc64le" }, "product_reference": "odf4/mcg-core-rhel8@sha256:5badaef19e5c3db4aae1a050212fe7e11e2ffdd9b232da5427b03fa075a1bcb8_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:11d39cdbab29d92bec64010995279f05a83d99cb55965b9f6d057ff8a43da75e_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:11d39cdbab29d92bec64010995279f05a83d99cb55965b9f6d057ff8a43da75e_amd64" }, "product_reference": "odf4/mcg-operator-bundle@sha256:11d39cdbab29d92bec64010995279f05a83d99cb55965b9f6d057ff8a43da75e_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:a80f396cd90b7118d6eb065a6d47969bf77386419559531c59ad8c025af89f9b_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:a80f396cd90b7118d6eb065a6d47969bf77386419559531c59ad8c025af89f9b_s390x" }, "product_reference": "odf4/mcg-operator-bundle@sha256:a80f396cd90b7118d6eb065a6d47969bf77386419559531c59ad8c025af89f9b_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:b21ba1915554201c5ef43abb66eac13482593fe31ce05a72cf909e4f385f5daf_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b21ba1915554201c5ef43abb66eac13482593fe31ce05a72cf909e4f385f5daf_ppc64le" }, "product_reference": "odf4/mcg-operator-bundle@sha256:b21ba1915554201c5ef43abb66eac13482593fe31ce05a72cf909e4f385f5daf_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel8-operator@sha256:606eaed06a442f11481538e980bf3a78db7f788f8008c410e49de6f8dcf2feb3_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:606eaed06a442f11481538e980bf3a78db7f788f8008c410e49de6f8dcf2feb3_s390x" }, "product_reference": "odf4/mcg-rhel8-operator@sha256:606eaed06a442f11481538e980bf3a78db7f788f8008c410e49de6f8dcf2feb3_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel8-operator@sha256:78aa0073d7959991ce47558ae58a51966d237953acdce97e3118d108f0c398e8_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:78aa0073d7959991ce47558ae58a51966d237953acdce97e3118d108f0c398e8_ppc64le" }, "product_reference": "odf4/mcg-rhel8-operator@sha256:78aa0073d7959991ce47558ae58a51966d237953acdce97e3118d108f0c398e8_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel8-operator@sha256:e95907b1a04b7f59bdb8e7e7a4cbfa996079485288aa9fe10b7148a832b10951_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:e95907b1a04b7f59bdb8e7e7a4cbfa996079485288aa9fe10b7148a832b10951_amd64" }, "product_reference": "odf4/mcg-rhel8-operator@sha256:e95907b1a04b7f59bdb8e7e7a4cbfa996079485288aa9fe10b7148a832b10951_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:64fd66b088db2e61330c1d9fe3e51ab1136814855987dabf3087e20948ef9718_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:64fd66b088db2e61330c1d9fe3e51ab1136814855987dabf3087e20948ef9718_s390x" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:64fd66b088db2e61330c1d9fe3e51ab1136814855987dabf3087e20948ef9718_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:fbcd8ca8bf948eb61168513d162ed8ae0fc15583131984981d395dbed1df613c_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:fbcd8ca8bf948eb61168513d162ed8ae0fc15583131984981d395dbed1df613c_ppc64le" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:fbcd8ca8bf948eb61168513d162ed8ae0fc15583131984981d395dbed1df613c_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:fc75b551c40cdaa9341d376ff7f864d5f9181bcb980923325fa7432e7063a13f_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:fc75b551c40cdaa9341d376ff7f864d5f9181bcb980923325fa7432e7063a13f_amd64" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:fc75b551c40cdaa9341d376ff7f864d5f9181bcb980923325fa7432e7063a13f_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel8-operator@sha256:9cf0c0be2573f66f3c8324edbba9cea51e003d97bf9582be3aced5ff0d9a743c_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:9cf0c0be2573f66f3c8324edbba9cea51e003d97bf9582be3aced5ff0d9a743c_ppc64le" }, "product_reference": "odf4/ocs-client-rhel8-operator@sha256:9cf0c0be2573f66f3c8324edbba9cea51e003d97bf9582be3aced5ff0d9a743c_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel8-operator@sha256:adc09956f55af7e021e3569d0291b3fc7fb3165eb665d41c9169f4b1d1011ecc_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:adc09956f55af7e021e3569d0291b3fc7fb3165eb665d41c9169f4b1d1011ecc_amd64" }, "product_reference": "odf4/ocs-client-rhel8-operator@sha256:adc09956f55af7e021e3569d0291b3fc7fb3165eb665d41c9169f4b1d1011ecc_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel8-operator@sha256:f9acde458aa1cad7e8e20f9d29600c4e157ee9abef94fdab44a3e18389b7ddf6_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:f9acde458aa1cad7e8e20f9d29600c4e157ee9abef94fdab44a3e18389b7ddf6_s390x" }, "product_reference": "odf4/ocs-client-rhel8-operator@sha256:f9acde458aa1cad7e8e20f9d29600c4e157ee9abef94fdab44a3e18389b7ddf6_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:1d330903fd2a458e81159eedb3e97e76fe4eb83ed71237c8753ec2489a929b41_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:1d330903fd2a458e81159eedb3e97e76fe4eb83ed71237c8753ec2489a929b41_amd64" }, "product_reference": "odf4/ocs-metrics-exporter-rhel8@sha256:1d330903fd2a458e81159eedb3e97e76fe4eb83ed71237c8753ec2489a929b41_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:3cf36e925f9661565fdfb3ffbf1443ef432788cba4cb6374f2d1b2120b94171b_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:3cf36e925f9661565fdfb3ffbf1443ef432788cba4cb6374f2d1b2120b94171b_s390x" }, "product_reference": "odf4/ocs-metrics-exporter-rhel8@sha256:3cf36e925f9661565fdfb3ffbf1443ef432788cba4cb6374f2d1b2120b94171b_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:b527a1f2013d7af593ce1611eaa6c091370b80b3612638204ab6bc061d731dc0_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:b527a1f2013d7af593ce1611eaa6c091370b80b3612638204ab6bc061d731dc0_ppc64le" }, "product_reference": "odf4/ocs-metrics-exporter-rhel8@sha256:b527a1f2013d7af593ce1611eaa6c091370b80b3612638204ab6bc061d731dc0_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-must-gather-rhel8@sha256:236b118b12fbd84139b4a4bd1b11577fb3b4defdda8f81410aa9d3d94d091dbb_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:236b118b12fbd84139b4a4bd1b11577fb3b4defdda8f81410aa9d3d94d091dbb_s390x" }, "product_reference": "odf4/ocs-must-gather-rhel8@sha256:236b118b12fbd84139b4a4bd1b11577fb3b4defdda8f81410aa9d3d94d091dbb_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-must-gather-rhel8@sha256:4e14d564a967f545ba76d0965f1f60da2c49284e5fddfed2b21972012dc6c7c1_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:4e14d564a967f545ba76d0965f1f60da2c49284e5fddfed2b21972012dc6c7c1_ppc64le" }, "product_reference": "odf4/ocs-must-gather-rhel8@sha256:4e14d564a967f545ba76d0965f1f60da2c49284e5fddfed2b21972012dc6c7c1_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-must-gather-rhel8@sha256:818620ff8d86e41b4c8b183955e983ab08e90a04c2aab5c1ebbce8d241bdbd1c_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:818620ff8d86e41b4c8b183955e983ab08e90a04c2aab5c1ebbce8d241bdbd1c_amd64" }, "product_reference": "odf4/ocs-must-gather-rhel8@sha256:818620ff8d86e41b4c8b183955e983ab08e90a04c2aab5c1ebbce8d241bdbd1c_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:747dfd6f76eacea2f2d947e4d8130ce0b0122f9cd932f4c64854d0ce164eef27_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:747dfd6f76eacea2f2d947e4d8130ce0b0122f9cd932f4c64854d0ce164eef27_s390x" }, "product_reference": "odf4/ocs-operator-bundle@sha256:747dfd6f76eacea2f2d947e4d8130ce0b0122f9cd932f4c64854d0ce164eef27_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:bcb41572adbe0bef128b29ed9541a2f46730b80e8cb178d47b1c3ee0dbf89b46_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:bcb41572adbe0bef128b29ed9541a2f46730b80e8cb178d47b1c3ee0dbf89b46_ppc64le" }, "product_reference": "odf4/ocs-operator-bundle@sha256:bcb41572adbe0bef128b29ed9541a2f46730b80e8cb178d47b1c3ee0dbf89b46_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:f01081270128adaca2f0305213548b1c3958a16b698473803c2f1b1d678cad1f_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:f01081270128adaca2f0305213548b1c3958a16b698473803c2f1b1d678cad1f_amd64" }, "product_reference": "odf4/ocs-operator-bundle@sha256:f01081270128adaca2f0305213548b1c3958a16b698473803c2f1b1d678cad1f_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel8-operator@sha256:40aa0fd89dfc6ba1744ada546bc778c28ceff4b1ff7c31fb935010804d299d4f_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:40aa0fd89dfc6ba1744ada546bc778c28ceff4b1ff7c31fb935010804d299d4f_amd64" }, "product_reference": "odf4/ocs-rhel8-operator@sha256:40aa0fd89dfc6ba1744ada546bc778c28ceff4b1ff7c31fb935010804d299d4f_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel8-operator@sha256:7911982f807eda446a87a477ec75ec1d0908303c1c851ba717963c3ae64f2f9d_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:7911982f807eda446a87a477ec75ec1d0908303c1c851ba717963c3ae64f2f9d_s390x" }, "product_reference": "odf4/ocs-rhel8-operator@sha256:7911982f807eda446a87a477ec75ec1d0908303c1c851ba717963c3ae64f2f9d_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel8-operator@sha256:fc75d7525aa3b9e12cf14ecbd99d79c070b3ff4417afdca014e6de70203a9d99_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:fc75d7525aa3b9e12cf14ecbd99d79c070b3ff4417afdca014e6de70203a9d99_ppc64le" }, "product_reference": "odf4/ocs-rhel8-operator@sha256:fc75d7525aa3b9e12cf14ecbd99d79c070b3ff4417afdca014e6de70203a9d99_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel8@sha256:6029aded51d62d9ca0104cc59754f6349c5e70cf7846c6ac94470715e491a003_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6029aded51d62d9ca0104cc59754f6349c5e70cf7846c6ac94470715e491a003_ppc64le" }, "product_reference": "odf4/odf-console-rhel8@sha256:6029aded51d62d9ca0104cc59754f6349c5e70cf7846c6ac94470715e491a003_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel8@sha256:c4e2d1cef288d4756c23ec949f75eed26f8d3374d38ec805fae43568a1880cc7_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:c4e2d1cef288d4756c23ec949f75eed26f8d3374d38ec805fae43568a1880cc7_amd64" }, "product_reference": "odf4/odf-console-rhel8@sha256:c4e2d1cef288d4756c23ec949f75eed26f8d3374d38ec805fae43568a1880cc7_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel8@sha256:dca1df957b61491aa2964606f443a127a0d6afc500ad3c3d24c9178821b81c8c_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:dca1df957b61491aa2964606f443a127a0d6afc500ad3c3d24c9178821b81c8c_s390x" }, "product_reference": "odf4/odf-console-rhel8@sha256:dca1df957b61491aa2964606f443a127a0d6afc500ad3c3d24c9178821b81c8c_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:0f33b6e8f7022b09dfeb92926783d39f3635325d4a36f82ae534cfae8c7b0a3b_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:0f33b6e8f7022b09dfeb92926783d39f3635325d4a36f82ae534cfae8c7b0a3b_ppc64le" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:0f33b6e8f7022b09dfeb92926783d39f3635325d4a36f82ae534cfae8c7b0a3b_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:524023bc8569230721f9f7526034e7793dd50d03d931a2de910af5affaca4f4f_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:524023bc8569230721f9f7526034e7793dd50d03d931a2de910af5affaca4f4f_amd64" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:524023bc8569230721f9f7526034e7793dd50d03d931a2de910af5affaca4f4f_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:ab492146266cce67917cbed2f5bc1266c895f4f863790a487d5a4295b0805896_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:ab492146266cce67917cbed2f5bc1266c895f4f863790a487d5a4295b0805896_s390x" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:ab492146266cce67917cbed2f5bc1266c895f4f863790a487d5a4295b0805896_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:00ee14dc29e19896966cc83c2b9ecf8ef0adace88784e836e14941c4c715c2af_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:00ee14dc29e19896966cc83c2b9ecf8ef0adace88784e836e14941c4c715c2af_s390x" }, "product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:00ee14dc29e19896966cc83c2b9ecf8ef0adace88784e836e14941c4c715c2af_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:50957f5abc4e913bce3a59cb41f9ac8186d876b11a7417c65eeeea829953a66e_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:50957f5abc4e913bce3a59cb41f9ac8186d876b11a7417c65eeeea829953a66e_ppc64le" }, "product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:50957f5abc4e913bce3a59cb41f9ac8186d876b11a7417c65eeeea829953a66e_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:7e54f2580f21158b97f0337f0f04810b271e1aca6372a4873ee6b73ececc6dd3_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:7e54f2580f21158b97f0337f0f04810b271e1aca6372a4873ee6b73ececc6dd3_amd64" }, "product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:7e54f2580f21158b97f0337f0f04810b271e1aca6372a4873ee6b73ececc6dd3_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:815182de80bbdd2060c56998bd5615c0cc6114dab00b217a31642000d4f82455_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:815182de80bbdd2060c56998bd5615c0cc6114dab00b217a31642000d4f82455_amd64" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:815182de80bbdd2060c56998bd5615c0cc6114dab00b217a31642000d4f82455_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:949e9256a096c2ce8a9423b0e5b43b437edf2afcea4562ce1fd70ad89dbfb3aa_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:949e9256a096c2ce8a9423b0e5b43b437edf2afcea4562ce1fd70ad89dbfb3aa_s390x" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:949e9256a096c2ce8a9423b0e5b43b437edf2afcea4562ce1fd70ad89dbfb3aa_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:99213f9f76cd01eeca7e8c53a81a4a72ad3a64906a276df3990872f776c1019f_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:99213f9f76cd01eeca7e8c53a81a4a72ad3a64906a276df3990872f776c1019f_ppc64le" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:99213f9f76cd01eeca7e8c53a81a4a72ad3a64906a276df3990872f776c1019f_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel8@sha256:14c2c8f9467a5b51ea37911e52d007a3b0b7e921436acfa0797e432ee222cc6b_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:14c2c8f9467a5b51ea37911e52d007a3b0b7e921436acfa0797e432ee222cc6b_ppc64le" }, "product_reference": "odf4/odf-multicluster-console-rhel8@sha256:14c2c8f9467a5b51ea37911e52d007a3b0b7e921436acfa0797e432ee222cc6b_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel8@sha256:8fc8649474dea8d569636414cf1d4546c7ae8d7f1600f678ea5702cf20251127_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:8fc8649474dea8d569636414cf1d4546c7ae8d7f1600f678ea5702cf20251127_s390x" }, "product_reference": "odf4/odf-multicluster-console-rhel8@sha256:8fc8649474dea8d569636414cf1d4546c7ae8d7f1600f678ea5702cf20251127_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel8@sha256:e66317f4a8a4c71322758f5c358efb264c20f30a6c0d64b20c0671385e4a051d_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:e66317f4a8a4c71322758f5c358efb264c20f30a6c0d64b20c0671385e4a051d_amd64" }, "product_reference": "odf4/odf-multicluster-console-rhel8@sha256:e66317f4a8a4c71322758f5c358efb264c20f30a6c0d64b20c0671385e4a051d_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:4e97d3e07ad45206bc348682f3ee7c3dedc084f452394b5edcd8791b820293cd_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e97d3e07ad45206bc348682f3ee7c3dedc084f452394b5edcd8791b820293cd_s390x" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:4e97d3e07ad45206bc348682f3ee7c3dedc084f452394b5edcd8791b820293cd_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:d1a072978417714d1917368baf27045b9922987f5c54a9f30ba473e73c913fce_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:d1a072978417714d1917368baf27045b9922987f5c54a9f30ba473e73c913fce_ppc64le" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:d1a072978417714d1917368baf27045b9922987f5c54a9f30ba473e73c913fce_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:ec8527c4194453ae3fa7fedf9f11eb8e70f46f272736ac8c32e98b822a0a049f_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:ec8527c4194453ae3fa7fedf9f11eb8e70f46f272736ac8c32e98b822a0a049f_amd64" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:ec8527c4194453ae3fa7fedf9f11eb8e70f46f272736ac8c32e98b822a0a049f_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:27120e653977f168ae971f251c56d7d81243d6af69ab4ef18dce6c5546dd9641_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:27120e653977f168ae971f251c56d7d81243d6af69ab4ef18dce6c5546dd9641_s390x" }, "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:27120e653977f168ae971f251c56d7d81243d6af69ab4ef18dce6c5546dd9641_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:96efdffd9c3f43d1cbed3468b6d4882e1e7a78f1aaca495c0e28e8cbbf71e540_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:96efdffd9c3f43d1cbed3468b6d4882e1e7a78f1aaca495c0e28e8cbbf71e540_ppc64le" }, "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:96efdffd9c3f43d1cbed3468b6d4882e1e7a78f1aaca495c0e28e8cbbf71e540_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:efa747eea65f274f6a5d80f7a56f9c6387a806e3a5563483ba3adca4af36a130_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:efa747eea65f274f6a5d80f7a56f9c6387a806e3a5563483ba3adca4af36a130_amd64" }, "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:efa747eea65f274f6a5d80f7a56f9c6387a806e3a5563483ba3adca4af36a130_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:513ca9ad731c00974a673e1d7489c60b63d698db26c3389a23690483fc95cde1_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:513ca9ad731c00974a673e1d7489c60b63d698db26c3389a23690483fc95cde1_amd64" }, "product_reference": "odf4/odf-operator-bundle@sha256:513ca9ad731c00974a673e1d7489c60b63d698db26c3389a23690483fc95cde1_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:a28d1908375442b6e8ef009b40a8ff9a16653c7948455f43afe74fe06a505518_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a28d1908375442b6e8ef009b40a8ff9a16653c7948455f43afe74fe06a505518_ppc64le" }, "product_reference": "odf4/odf-operator-bundle@sha256:a28d1908375442b6e8ef009b40a8ff9a16653c7948455f43afe74fe06a505518_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:d65ee2f23a5589b84b1959bf22660654a28a702eb095241f268fd3fa77224ae6_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:d65ee2f23a5589b84b1959bf22660654a28a702eb095241f268fd3fa77224ae6_s390x" }, "product_reference": "odf4/odf-operator-bundle@sha256:d65ee2f23a5589b84b1959bf22660654a28a702eb095241f268fd3fa77224ae6_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel8-operator@sha256:612d6f2d7d3708ccaf7fb2f2a8088c37192e71e8370565adbf8fb187027527cd_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:612d6f2d7d3708ccaf7fb2f2a8088c37192e71e8370565adbf8fb187027527cd_s390x" }, "product_reference": "odf4/odf-rhel8-operator@sha256:612d6f2d7d3708ccaf7fb2f2a8088c37192e71e8370565adbf8fb187027527cd_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel8-operator@sha256:6a5d45c0c5d74cbcb406ecf1cd7a369b827fc64d08d3d213a53a9d41e9a14a17_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:6a5d45c0c5d74cbcb406ecf1cd7a369b827fc64d08d3d213a53a9d41e9a14a17_amd64" }, "product_reference": "odf4/odf-rhel8-operator@sha256:6a5d45c0c5d74cbcb406ecf1cd7a369b827fc64d08d3d213a53a9d41e9a14a17_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel8-operator@sha256:923c511cfdfd1fe1ceb47d627355bd8fa1cbfb30afb4d7b5b6f2cb2505c862ac_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:923c511cfdfd1fe1ceb47d627355bd8fa1cbfb30afb4d7b5b6f2cb2505c862ac_ppc64le" }, "product_reference": "odf4/odf-rhel8-operator@sha256:923c511cfdfd1fe1ceb47d627355bd8fa1cbfb30afb4d7b5b6f2cb2505c862ac_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:84dab997597a901ca01d32001eebac23915e5bacd9ab34dc940a48d46b914d68_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:84dab997597a901ca01d32001eebac23915e5bacd9ab34dc940a48d46b914d68_s390x" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:84dab997597a901ca01d32001eebac23915e5bacd9ab34dc940a48d46b914d68_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:f9f0ac32f276f04b8b1ac2c158f0d5c2f4873d3166a4e762e4e04561fa401370_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:f9f0ac32f276f04b8b1ac2c158f0d5c2f4873d3166a4e762e4e04561fa401370_amd64" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:f9f0ac32f276f04b8b1ac2c158f0d5c2f4873d3166a4e762e4e04561fa401370_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:fbf5a432e4dd07cf5a3e115679fcebd5e8e6f8070de50b147f04a947bf107ccf_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:fbf5a432e4dd07cf5a3e115679fcebd5e8e6f8070de50b147f04a947bf107ccf_ppc64le" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:fbf5a432e4dd07cf5a3e115679fcebd5e8e6f8070de50b147f04a947bf107ccf_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:12264b29008b1787d05c11eae8cfb87cfc3eb328360b76f8ca7517c32a93373b_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:12264b29008b1787d05c11eae8cfb87cfc3eb328360b76f8ca7517c32a93373b_s390x" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:12264b29008b1787d05c11eae8cfb87cfc3eb328360b76f8ca7517c32a93373b_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:d4976746183e773fa777de5ae25f1753c7b1fd137bd88b7cc54af485af1cabc7_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:d4976746183e773fa777de5ae25f1753c7b1fd137bd88b7cc54af485af1cabc7_ppc64le" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:d4976746183e773fa777de5ae25f1753c7b1fd137bd88b7cc54af485af1cabc7_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:fa2b5dd7db7bc0244660d7b4f95a2c06a6fd12a35f1e66449b85ac628cf960b2_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:fa2b5dd7db7bc0244660d7b4f95a2c06a6fd12a35f1e66449b85ac628cf960b2_amd64" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:fa2b5dd7db7bc0244660d7b4f95a2c06a6fd12a35f1e66449b85ac628cf960b2_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel8-operator@sha256:31c71fd8876661f6d2cb124aa9b090c445701b6f1ecb63d07dc0cdd462338c72_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:31c71fd8876661f6d2cb124aa9b090c445701b6f1ecb63d07dc0cdd462338c72_ppc64le" }, "product_reference": "odf4/odr-rhel8-operator@sha256:31c71fd8876661f6d2cb124aa9b090c445701b6f1ecb63d07dc0cdd462338c72_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel8-operator@sha256:d9497c673469dc9dbc9b4a44fc7fa8fcdb7e795309d721660f5baa302f2b6ba9_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:d9497c673469dc9dbc9b4a44fc7fa8fcdb7e795309d721660f5baa302f2b6ba9_s390x" }, "product_reference": "odf4/odr-rhel8-operator@sha256:d9497c673469dc9dbc9b4a44fc7fa8fcdb7e795309d721660f5baa302f2b6ba9_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel8-operator@sha256:deeb1422b359205583435060b077931bcf0bf2c058caffefc27963969a370170_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:deeb1422b359205583435060b077931bcf0bf2c058caffefc27963969a370170_amd64" }, "product_reference": "odf4/odr-rhel8-operator@sha256:deeb1422b359205583435060b077931bcf0bf2c058caffefc27963969a370170_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel8-operator@sha256:02fdf30836dd523a00d4953e3ecd742e557d8665b555fd4ea676aa042d023de9_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:02fdf30836dd523a00d4953e3ecd742e557d8665b555fd4ea676aa042d023de9_ppc64le" }, "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:02fdf30836dd523a00d4953e3ecd742e557d8665b555fd4ea676aa042d023de9_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel8-operator@sha256:1be6b92bc1258d63aaaae0036a6ab99a5223c86b2520deac2c939d3e6332bedd_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:1be6b92bc1258d63aaaae0036a6ab99a5223c86b2520deac2c939d3e6332bedd_amd64" }, "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:1be6b92bc1258d63aaaae0036a6ab99a5223c86b2520deac2c939d3e6332bedd_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel8-operator@sha256:52e0d2321492b43162d0fbd9b219ded55a5445442e8c92f9060d3479ef781bb6_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:52e0d2321492b43162d0fbd9b219ded55a5445442e8c92f9060d3479ef781bb6_s390x" }, "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:52e0d2321492b43162d0fbd9b219ded55a5445442e8c92f9060d3479ef781bb6_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-3765", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-09-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:59fa82c420af8e3f8dd1695b121eb64c59f76f803770c59fd5c9025a64032663_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:9f4cb5a11dfa61981c6dadd991d3e90e9ca8e2cad5faed24d5f15fe940f05227_amd64", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:c4748e43addf26e45b55f83d880fc82a9e1bb22e37e3b2e7f0f1348292740641_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:11d39cdbab29d92bec64010995279f05a83d99cb55965b9f6d057ff8a43da75e_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:a80f396cd90b7118d6eb065a6d47969bf77386419559531c59ad8c025af89f9b_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b21ba1915554201c5ef43abb66eac13482593fe31ce05a72cf909e4f385f5daf_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:606eaed06a442f11481538e980bf3a78db7f788f8008c410e49de6f8dcf2feb3_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:78aa0073d7959991ce47558ae58a51966d237953acdce97e3118d108f0c398e8_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:e95907b1a04b7f59bdb8e7e7a4cbfa996079485288aa9fe10b7148a832b10951_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:64fd66b088db2e61330c1d9fe3e51ab1136814855987dabf3087e20948ef9718_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:fbcd8ca8bf948eb61168513d162ed8ae0fc15583131984981d395dbed1df613c_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:fc75b551c40cdaa9341d376ff7f864d5f9181bcb980923325fa7432e7063a13f_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:9cf0c0be2573f66f3c8324edbba9cea51e003d97bf9582be3aced5ff0d9a743c_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:adc09956f55af7e021e3569d0291b3fc7fb3165eb665d41c9169f4b1d1011ecc_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:f9acde458aa1cad7e8e20f9d29600c4e157ee9abef94fdab44a3e18389b7ddf6_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:1d330903fd2a458e81159eedb3e97e76fe4eb83ed71237c8753ec2489a929b41_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:3cf36e925f9661565fdfb3ffbf1443ef432788cba4cb6374f2d1b2120b94171b_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:b527a1f2013d7af593ce1611eaa6c091370b80b3612638204ab6bc061d731dc0_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:236b118b12fbd84139b4a4bd1b11577fb3b4defdda8f81410aa9d3d94d091dbb_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:4e14d564a967f545ba76d0965f1f60da2c49284e5fddfed2b21972012dc6c7c1_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:818620ff8d86e41b4c8b183955e983ab08e90a04c2aab5c1ebbce8d241bdbd1c_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:747dfd6f76eacea2f2d947e4d8130ce0b0122f9cd932f4c64854d0ce164eef27_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:bcb41572adbe0bef128b29ed9541a2f46730b80e8cb178d47b1c3ee0dbf89b46_ppc64le", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:f01081270128adaca2f0305213548b1c3958a16b698473803c2f1b1d678cad1f_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:40aa0fd89dfc6ba1744ada546bc778c28ceff4b1ff7c31fb935010804d299d4f_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:7911982f807eda446a87a477ec75ec1d0908303c1c851ba717963c3ae64f2f9d_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:fc75d7525aa3b9e12cf14ecbd99d79c070b3ff4417afdca014e6de70203a9d99_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6029aded51d62d9ca0104cc59754f6349c5e70cf7846c6ac94470715e491a003_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:c4e2d1cef288d4756c23ec949f75eed26f8d3374d38ec805fae43568a1880cc7_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:dca1df957b61491aa2964606f443a127a0d6afc500ad3c3d24c9178821b81c8c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:0f33b6e8f7022b09dfeb92926783d39f3635325d4a36f82ae534cfae8c7b0a3b_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:524023bc8569230721f9f7526034e7793dd50d03d931a2de910af5affaca4f4f_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:ab492146266cce67917cbed2f5bc1266c895f4f863790a487d5a4295b0805896_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:00ee14dc29e19896966cc83c2b9ecf8ef0adace88784e836e14941c4c715c2af_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:50957f5abc4e913bce3a59cb41f9ac8186d876b11a7417c65eeeea829953a66e_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:7e54f2580f21158b97f0337f0f04810b271e1aca6372a4873ee6b73ececc6dd3_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:815182de80bbdd2060c56998bd5615c0cc6114dab00b217a31642000d4f82455_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:949e9256a096c2ce8a9423b0e5b43b437edf2afcea4562ce1fd70ad89dbfb3aa_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:99213f9f76cd01eeca7e8c53a81a4a72ad3a64906a276df3990872f776c1019f_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:14c2c8f9467a5b51ea37911e52d007a3b0b7e921436acfa0797e432ee222cc6b_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:8fc8649474dea8d569636414cf1d4546c7ae8d7f1600f678ea5702cf20251127_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:e66317f4a8a4c71322758f5c358efb264c20f30a6c0d64b20c0671385e4a051d_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e97d3e07ad45206bc348682f3ee7c3dedc084f452394b5edcd8791b820293cd_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:d1a072978417714d1917368baf27045b9922987f5c54a9f30ba473e73c913fce_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:ec8527c4194453ae3fa7fedf9f11eb8e70f46f272736ac8c32e98b822a0a049f_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:27120e653977f168ae971f251c56d7d81243d6af69ab4ef18dce6c5546dd9641_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:96efdffd9c3f43d1cbed3468b6d4882e1e7a78f1aaca495c0e28e8cbbf71e540_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:efa747eea65f274f6a5d80f7a56f9c6387a806e3a5563483ba3adca4af36a130_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:513ca9ad731c00974a673e1d7489c60b63d698db26c3389a23690483fc95cde1_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a28d1908375442b6e8ef009b40a8ff9a16653c7948455f43afe74fe06a505518_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:d65ee2f23a5589b84b1959bf22660654a28a702eb095241f268fd3fa77224ae6_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:612d6f2d7d3708ccaf7fb2f2a8088c37192e71e8370565adbf8fb187027527cd_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:6a5d45c0c5d74cbcb406ecf1cd7a369b827fc64d08d3d213a53a9d41e9a14a17_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:923c511cfdfd1fe1ceb47d627355bd8fa1cbfb30afb4d7b5b6f2cb2505c862ac_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:84dab997597a901ca01d32001eebac23915e5bacd9ab34dc940a48d46b914d68_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:f9f0ac32f276f04b8b1ac2c158f0d5c2f4873d3166a4e762e4e04561fa401370_amd64", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:fbf5a432e4dd07cf5a3e115679fcebd5e8e6f8070de50b147f04a947bf107ccf_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:12264b29008b1787d05c11eae8cfb87cfc3eb328360b76f8ca7517c32a93373b_s390x", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:d4976746183e773fa777de5ae25f1753c7b1fd137bd88b7cc54af485af1cabc7_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:fa2b5dd7db7bc0244660d7b4f95a2c06a6fd12a35f1e66449b85ac628cf960b2_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:31c71fd8876661f6d2cb124aa9b090c445701b6f1ecb63d07dc0cdd462338c72_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:d9497c673469dc9dbc9b4a44fc7fa8fcdb7e795309d721660f5baa302f2b6ba9_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:deeb1422b359205583435060b077931bcf0bf2c058caffefc27963969a370170_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:02fdf30836dd523a00d4953e3ecd742e557d8665b555fd4ea676aa042d023de9_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:1be6b92bc1258d63aaaae0036a6ab99a5223c86b2520deac2c939d3e6332bedd_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:52e0d2321492b43162d0fbd9b219ded55a5445442e8c92f9060d3479ef781bb6_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2126299" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the validator package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "validator: Inefficient Regular Expression Complexity in Validator.js", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:392340e4fd5a34c5e7daec8cb03bfd8ee256cc44a5358fab9aa598a5e6b23efb_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:44da9b1743a5462240da1dd26217a41c9f0c56355d1e4c9f568db08b59be3072_amd64", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5badaef19e5c3db4aae1a050212fe7e11e2ffdd9b232da5427b03fa075a1bcb8_ppc64le" ], "known_not_affected": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:59fa82c420af8e3f8dd1695b121eb64c59f76f803770c59fd5c9025a64032663_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:9f4cb5a11dfa61981c6dadd991d3e90e9ca8e2cad5faed24d5f15fe940f05227_amd64", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:c4748e43addf26e45b55f83d880fc82a9e1bb22e37e3b2e7f0f1348292740641_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:11d39cdbab29d92bec64010995279f05a83d99cb55965b9f6d057ff8a43da75e_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:a80f396cd90b7118d6eb065a6d47969bf77386419559531c59ad8c025af89f9b_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b21ba1915554201c5ef43abb66eac13482593fe31ce05a72cf909e4f385f5daf_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:606eaed06a442f11481538e980bf3a78db7f788f8008c410e49de6f8dcf2feb3_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:78aa0073d7959991ce47558ae58a51966d237953acdce97e3118d108f0c398e8_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:e95907b1a04b7f59bdb8e7e7a4cbfa996079485288aa9fe10b7148a832b10951_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:64fd66b088db2e61330c1d9fe3e51ab1136814855987dabf3087e20948ef9718_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:fbcd8ca8bf948eb61168513d162ed8ae0fc15583131984981d395dbed1df613c_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:fc75b551c40cdaa9341d376ff7f864d5f9181bcb980923325fa7432e7063a13f_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:9cf0c0be2573f66f3c8324edbba9cea51e003d97bf9582be3aced5ff0d9a743c_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:adc09956f55af7e021e3569d0291b3fc7fb3165eb665d41c9169f4b1d1011ecc_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:f9acde458aa1cad7e8e20f9d29600c4e157ee9abef94fdab44a3e18389b7ddf6_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:1d330903fd2a458e81159eedb3e97e76fe4eb83ed71237c8753ec2489a929b41_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:3cf36e925f9661565fdfb3ffbf1443ef432788cba4cb6374f2d1b2120b94171b_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:b527a1f2013d7af593ce1611eaa6c091370b80b3612638204ab6bc061d731dc0_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:236b118b12fbd84139b4a4bd1b11577fb3b4defdda8f81410aa9d3d94d091dbb_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:4e14d564a967f545ba76d0965f1f60da2c49284e5fddfed2b21972012dc6c7c1_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:818620ff8d86e41b4c8b183955e983ab08e90a04c2aab5c1ebbce8d241bdbd1c_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:747dfd6f76eacea2f2d947e4d8130ce0b0122f9cd932f4c64854d0ce164eef27_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:bcb41572adbe0bef128b29ed9541a2f46730b80e8cb178d47b1c3ee0dbf89b46_ppc64le", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:f01081270128adaca2f0305213548b1c3958a16b698473803c2f1b1d678cad1f_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:40aa0fd89dfc6ba1744ada546bc778c28ceff4b1ff7c31fb935010804d299d4f_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:7911982f807eda446a87a477ec75ec1d0908303c1c851ba717963c3ae64f2f9d_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:fc75d7525aa3b9e12cf14ecbd99d79c070b3ff4417afdca014e6de70203a9d99_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6029aded51d62d9ca0104cc59754f6349c5e70cf7846c6ac94470715e491a003_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:c4e2d1cef288d4756c23ec949f75eed26f8d3374d38ec805fae43568a1880cc7_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:dca1df957b61491aa2964606f443a127a0d6afc500ad3c3d24c9178821b81c8c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:0f33b6e8f7022b09dfeb92926783d39f3635325d4a36f82ae534cfae8c7b0a3b_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:524023bc8569230721f9f7526034e7793dd50d03d931a2de910af5affaca4f4f_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:ab492146266cce67917cbed2f5bc1266c895f4f863790a487d5a4295b0805896_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:00ee14dc29e19896966cc83c2b9ecf8ef0adace88784e836e14941c4c715c2af_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:50957f5abc4e913bce3a59cb41f9ac8186d876b11a7417c65eeeea829953a66e_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:7e54f2580f21158b97f0337f0f04810b271e1aca6372a4873ee6b73ececc6dd3_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:815182de80bbdd2060c56998bd5615c0cc6114dab00b217a31642000d4f82455_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:949e9256a096c2ce8a9423b0e5b43b437edf2afcea4562ce1fd70ad89dbfb3aa_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:99213f9f76cd01eeca7e8c53a81a4a72ad3a64906a276df3990872f776c1019f_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:14c2c8f9467a5b51ea37911e52d007a3b0b7e921436acfa0797e432ee222cc6b_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:8fc8649474dea8d569636414cf1d4546c7ae8d7f1600f678ea5702cf20251127_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:e66317f4a8a4c71322758f5c358efb264c20f30a6c0d64b20c0671385e4a051d_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e97d3e07ad45206bc348682f3ee7c3dedc084f452394b5edcd8791b820293cd_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:d1a072978417714d1917368baf27045b9922987f5c54a9f30ba473e73c913fce_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:ec8527c4194453ae3fa7fedf9f11eb8e70f46f272736ac8c32e98b822a0a049f_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:27120e653977f168ae971f251c56d7d81243d6af69ab4ef18dce6c5546dd9641_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:96efdffd9c3f43d1cbed3468b6d4882e1e7a78f1aaca495c0e28e8cbbf71e540_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:efa747eea65f274f6a5d80f7a56f9c6387a806e3a5563483ba3adca4af36a130_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:513ca9ad731c00974a673e1d7489c60b63d698db26c3389a23690483fc95cde1_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a28d1908375442b6e8ef009b40a8ff9a16653c7948455f43afe74fe06a505518_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:d65ee2f23a5589b84b1959bf22660654a28a702eb095241f268fd3fa77224ae6_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:612d6f2d7d3708ccaf7fb2f2a8088c37192e71e8370565adbf8fb187027527cd_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:6a5d45c0c5d74cbcb406ecf1cd7a369b827fc64d08d3d213a53a9d41e9a14a17_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:923c511cfdfd1fe1ceb47d627355bd8fa1cbfb30afb4d7b5b6f2cb2505c862ac_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:84dab997597a901ca01d32001eebac23915e5bacd9ab34dc940a48d46b914d68_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:f9f0ac32f276f04b8b1ac2c158f0d5c2f4873d3166a4e762e4e04561fa401370_amd64", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:fbf5a432e4dd07cf5a3e115679fcebd5e8e6f8070de50b147f04a947bf107ccf_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:12264b29008b1787d05c11eae8cfb87cfc3eb328360b76f8ca7517c32a93373b_s390x", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:d4976746183e773fa777de5ae25f1753c7b1fd137bd88b7cc54af485af1cabc7_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:fa2b5dd7db7bc0244660d7b4f95a2c06a6fd12a35f1e66449b85ac628cf960b2_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:31c71fd8876661f6d2cb124aa9b090c445701b6f1ecb63d07dc0cdd462338c72_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:d9497c673469dc9dbc9b4a44fc7fa8fcdb7e795309d721660f5baa302f2b6ba9_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:deeb1422b359205583435060b077931bcf0bf2c058caffefc27963969a370170_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:02fdf30836dd523a00d4953e3ecd742e557d8665b555fd4ea676aa042d023de9_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:1be6b92bc1258d63aaaae0036a6ab99a5223c86b2520deac2c939d3e6332bedd_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:52e0d2321492b43162d0fbd9b219ded55a5445442e8c92f9060d3479ef781bb6_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3765" }, { "category": "external", "summary": "RHBZ#2126299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126299" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3765", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3765" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3765", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3765" }, { "category": "external", "summary": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9", "url": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9" } ], "release_date": "2021-11-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-12-14T06:09:09+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:392340e4fd5a34c5e7daec8cb03bfd8ee256cc44a5358fab9aa598a5e6b23efb_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:44da9b1743a5462240da1dd26217a41c9f0c56355d1e4c9f568db08b59be3072_amd64", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5badaef19e5c3db4aae1a050212fe7e11e2ffdd9b232da5427b03fa075a1bcb8_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:7820" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:392340e4fd5a34c5e7daec8cb03bfd8ee256cc44a5358fab9aa598a5e6b23efb_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:44da9b1743a5462240da1dd26217a41c9f0c56355d1e4c9f568db08b59be3072_amd64", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5badaef19e5c3db4aae1a050212fe7e11e2ffdd9b232da5427b03fa075a1bcb8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "validator: Inefficient Regular Expression Complexity in Validator.js" } ] }
wid-sec-w-2023-0809
Vulnerability from csaf_certbund
Published
2023-03-30 22:00
Modified
2024-02-19 23:00
Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0809 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0809.json" }, { "category": "self", "summary": "WID-SEC-2023-0809 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0809" }, { "category": "external", "summary": "IBM Security Bulletin: 6967283 vom 2023-03-30", "url": "https://www.ibm.com/support/pages/node/6967283" }, { "category": "external", "summary": "IBM Security Bulletin: 6967333 vom 2023-03-30", "url": "https://www.ibm.com/support/pages/node/6967333" }, { "category": "external", "summary": "IBM Security Bulletin 6980799 vom 2023-04-04", "url": "https://www.ibm.com/support/pages/node/6980799" }, { "category": "external", "summary": "IBM Security Bulletin 7108657 vom 2024-01-17", "url": "https://www.ibm.com/support/pages/node/7108657" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-5ECC250449 vom 2024-02-19", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-5ecc250449" } ], "source_lang": "en-US", "title": "IBM QRadar SIEM: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-02-19T23:00:00.000+00:00", "generator": { "date": "2024-02-20T10:06:43.480+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0809", "initial_release_date": "2023-03-30T22:00:00.000+00:00", "revision_history": [ { "date": "2023-03-30T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-04-04T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-01-16T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-02-19T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Fedora aufgenommen" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Fedora Linux", "product": { "name": "Fedora Linux", "product_id": "74185", "product_identification_helper": { "cpe": "cpe:/o:fedoraproject:fedora:-" } } } ], "category": "vendor", "name": "Fedora" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "7.5", "product": { "name": "IBM QRadar SIEM 7.5", "product_id": "T022954", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:7.5" } } }, { "category": "product_version_range", "name": "\u003c User Behavior Analytics 4.1.11", "product": { "name": "IBM QRadar SIEM \u003c User Behavior Analytics 4.1.11", "product_id": "T027026", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:user_behavior_analytics_4.1.11" } } }, { "category": "product_version_range", "name": "\u003c 7.4.3 FP9", "product": { "name": "IBM QRadar SIEM \u003c 7.4.3 FP9", "product_id": "T027027", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:7.4.3_fp9" } } }, { "category": "product_version_range", "name": "\u003c 7.5.0 UP5", "product": { "name": "IBM QRadar SIEM \u003c 7.5.0 UP5", "product_id": "T027028", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up5" } } } ], "category": "product_name", "name": "QRadar SIEM" } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-22809", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2023-22809" }, { "cve": "CVE-2022-4883", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-4883" }, { "cve": "CVE-2022-46364", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-46364" }, { "cve": "CVE-2022-46363", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-46363" }, { "cve": "CVE-2022-45143", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-45143" }, { "cve": "CVE-2022-42890", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-42890" }, { "cve": "CVE-2022-4254", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-4254" }, { "cve": "CVE-2022-42252", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-42252" }, { "cve": "CVE-2022-41966", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-41966" }, { "cve": "CVE-2022-41946", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-41946" }, { "cve": "CVE-2022-41704", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-41704" }, { "cve": "CVE-2022-40156", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-40156" }, { "cve": "CVE-2022-40155", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-40155" }, { "cve": "CVE-2022-40154", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-40154" }, { "cve": "CVE-2022-40153", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-40153" }, { "cve": "CVE-2022-40152", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-40152" }, { "cve": "CVE-2022-40150", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-40150" }, { "cve": "CVE-2022-40149", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-40149" }, { "cve": "CVE-2022-37603", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-37603" }, { "cve": "CVE-2022-37601", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-37601" }, { "cve": "CVE-2022-37599", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-37599" }, { "cve": "CVE-2022-37598", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-37598" }, { "cve": "CVE-2022-3676", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-3676" }, { "cve": "CVE-2022-36364", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-36364" }, { "cve": "CVE-2022-36033", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-36033" }, { "cve": "CVE-2022-34917", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-34917" }, { "cve": "CVE-2022-31197", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-31197" }, { "cve": "CVE-2022-31129", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-31129" }, { "cve": "CVE-2022-2964", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-2964" }, { "cve": "CVE-2022-28733", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-28733" }, { "cve": "CVE-2022-2795", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-2795" }, { "cve": "CVE-2022-25927", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-25927" }, { "cve": "CVE-2022-25901", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-25901" }, { "cve": "CVE-2022-25758", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-25758" }, { "cve": "CVE-2022-25647", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-25647" }, { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-24999" }, { "cve": "CVE-2022-24839", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-24839" }, { "cve": "CVE-2022-24823", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-24823" }, { "cve": "CVE-2022-24785", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-24785" }, { "cve": "CVE-2022-23437", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-23437" }, { "cve": "CVE-2022-22971", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-22971" }, { "cve": "CVE-2022-22970", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-22970" }, { "cve": "CVE-2022-21724", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-21724" }, { "cve": "CVE-2022-21628", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-21628" }, { "cve": "CVE-2022-21626", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-21626" }, { "cve": "CVE-2022-21624", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-21624" }, { "cve": "CVE-2022-21619", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2022-21619" }, { "cve": "CVE-2021-43797", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-43797" }, { "cve": "CVE-2021-42740", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-42740" }, { "cve": "CVE-2021-42581", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-42581" }, { "cve": "CVE-2021-39227", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-39227" }, { "cve": "CVE-2021-3918", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-3918" }, { "cve": "CVE-2021-3807", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-3807" }, { "cve": "CVE-2021-37713", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-37713" }, { "cve": "CVE-2021-37712", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-37712" }, { "cve": "CVE-2021-37701", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-37701" }, { "cve": "CVE-2021-3765", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-3765" }, { "cve": "CVE-2021-37137", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-37137" }, { "cve": "CVE-2021-37136", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-37136" }, { "cve": "CVE-2021-32804", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-32804" }, { "cve": "CVE-2021-32803", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-32803" }, { "cve": "CVE-2021-29060", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-29060" }, { "cve": "CVE-2021-26401", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-26401" }, { "cve": "CVE-2021-25220", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-25220" }, { "cve": "CVE-2021-23450", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-23450" }, { "cve": "CVE-2021-23382", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-23382" }, { "cve": "CVE-2021-23368", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-23368" }, { "cve": "CVE-2021-23364", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-23364" }, { "cve": "CVE-2021-23362", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-23362" }, { "cve": "CVE-2021-23343", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-23343" }, { "cve": "CVE-2021-21409", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-21409" }, { "cve": "CVE-2021-21295", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-21295" }, { "cve": "CVE-2021-21290", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2021-21290" }, { "cve": "CVE-2020-7764", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2020-7764" }, { "cve": "CVE-2020-5259", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2020-5259" }, { "cve": "CVE-2020-24025", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2020-24025" }, { "cve": "CVE-2020-15366", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2020-15366" }, { "cve": "CVE-2020-13936", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2020-13936" }, { "cve": "CVE-2019-6286", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2019-6286" }, { "cve": "CVE-2019-6284", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2019-6284" }, { "cve": "CVE-2019-6283", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2019-6283" }, { "cve": "CVE-2019-10785", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2019-10785" }, { "cve": "CVE-2018-8036", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2018-8036" }, { "cve": "CVE-2018-20821", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2018-20821" }, { "cve": "CVE-2018-20190", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2018-20190" }, { "cve": "CVE-2018-19839", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2018-19839" }, { "cve": "CVE-2018-19838", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2018-19838" }, { "cve": "CVE-2018-19827", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2018-19827" }, { "cve": "CVE-2018-19797", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2018-19797" }, { "cve": "CVE-2018-15494", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2018-15494" }, { "cve": "CVE-2018-11698", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2018-11698" }, { "cve": "CVE-2018-11694", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00Z", "title": "CVE-2018-11694" } ] }
wid-sec-w-2023-1542
Vulnerability from csaf_certbund
Published
2023-06-22 22:00
Modified
2024-05-21 22:00
Summary
Red Hat OpenShift: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial of Service Zustand herbeizuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1542 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1542.json" }, { "category": "self", "summary": "WID-SEC-2023-1542 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1542" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0139 vom 2024-01-10", "url": "https://access.redhat.com/errata/RHSA-2024:0139" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0143 vom 2024-01-10", "url": "https://access.redhat.com/errata/RHSA-2024:0143" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0137 vom 2024-01-10", "url": "https://access.redhat.com/errata/RHSA-2024:0137" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0121 vom 2024-01-10", "url": "https://access.redhat.com/errata/RHSA-2024:0121" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:7820 vom 2023-12-14", "url": "https://access.redhat.com/errata/RHSA-2023:7820" }, { "category": "external", "summary": "Meinberg Security Advisory", "url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2024-01-lantime-firmware-v7-08-007.htm" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3742 vom 2023-06-22", "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3612 vom 2023-06-23", "url": "https://access.redhat.com/errata/RHSA-2023:3614" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3615 vom 2023-06-22", "url": "https://access.redhat.com/errata/RHSA-2023:3615" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3613 vom 2023-06-27", "url": "https://access.redhat.com/errata/RHSA-2023:3613" }, { "category": "external", "summary": "Red Hat Security Advisory vom 2023-06-29", "url": "https://access.redhat.com/errata/RHSA-2023:3918" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3943 vom 2023-06-29", "url": "https://access.redhat.com/errata/RHSA-2023:3943" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3910 vom 2023-07-06", "url": "https://access.redhat.com/errata/RHSA-2023:3910" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3915 vom 2023-07-06", "url": "https://access.redhat.com/errata/RHSA-2023:3915" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3925 vom 2023-07-06", "url": "https://access.redhat.com/errata/RHSA-2023:3925" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4003 vom 2023-07-10", "url": "https://access.redhat.com/errata/RHSA-2023:4003" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-6CFE7492C1 vom 2023-07-16", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-6cfe7492c1" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-AA7C75ED4A vom 2023-07-16", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-aa7c75ed4a" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4025 vom 2023-07-18", "url": "https://access.redhat.com/errata/RHSA-2023:4025" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4112 vom 2023-07-18", "url": "https://access.redhat.com/errata/RHSA-2023:4112" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4113 vom 2023-07-18", "url": "https://access.redhat.com/errata/RHSA-2023:4113" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4114 vom 2023-07-18", "url": "https://access.redhat.com/errata/RHSA-2023:4114" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4053 vom 2023-07-19", "url": "https://access.redhat.com/errata/RHSA-2023:4053" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4204 vom 2023-07-19", "url": "https://access.redhat.com/errata/RHSA-2023:4204" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4090 vom 2023-07-21", "url": "https://access.redhat.com/errata/RHSA-2023:4090" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4241 vom 2023-07-21", "url": "https://access.redhat.com/errata/RHSA-2023:4241" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4238 vom 2023-07-20", "url": "https://access.redhat.com/errata/RHSA-2023:4238" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4093 vom 2023-07-20", "url": "https://access.redhat.com/errata/RHSA-2023:4093" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4091 vom 2023-07-20", "url": "https://access.redhat.com/errata/RHSA-2023:4091" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4225 vom 2023-07-27", "url": "https://access.redhat.com/errata/RHSA-2023:4225" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4226 vom 2023-07-27", "url": "https://access.redhat.com/errata/RHSA-2023:4226" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4470 vom 2023-08-03", "url": "https://access.redhat.com/errata/RHSA-2023:4470" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4335 vom 2023-08-08", "url": "https://access.redhat.com/errata/RHSA-2023:4335" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4674 vom 2023-08-23", "url": "https://access.redhat.com/errata/RHSA-2023:4674" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4983 vom 2023-09-05", "url": "https://access.redhat.com/errata/RHSA-2023:4983" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:5103 vom 2023-09-12", "url": "https://access.redhat.com/errata/RHSA-2023:5103" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:5233 vom 2023-09-19", "url": "https://access.redhat.com/errata/RHSA-2023:5233" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:5314 vom 2023-09-20", "url": "https://access.redhat.com/errata/RHSA-2023:5314" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:5006 vom 2023-12-30", "url": "https://access.redhat.com/errata/RHSA-2023:5006" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:6316 vom 2023-11-07", "url": "https://access.redhat.com/errata/RHSA-2023:6316" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:7058 vom 2023-11-15", "url": "https://access.redhat.com/errata/RHSA-2023:7058" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:7823 vom 2024-01-05", "url": "https://access.redhat.com/errata/RHSA-2023:7823" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-6939 vom 2023-11-21", "url": "https://linux.oracle.com/errata/ELSA-2023-6939.html" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-14A33318B8 vom 2023-12-03", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-14a33318b8" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:7672 vom 2023-12-06", "url": "https://access.redhat.com/errata/RHSA-2023:7672" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202405-04 vom 2024-05-04", "url": "https://security.gentoo.org/glsa/202405-04" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:2987 vom 2024-05-22", "url": "https://access.redhat.com/errata/RHSA-2024:2987" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3254 vom 2024-05-22", "url": "https://access.redhat.com/errata/RHSA-2024:3254" } ], "source_lang": "en-US", "title": "Red Hat OpenShift: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-05-21T22:00:00.000+00:00", "generator": { "date": "2024-05-22T12:11:49.378+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1542", "initial_release_date": "2023-06-22T22:00:00.000+00:00", "revision_history": [ { "date": "2023-06-22T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-06-25T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-06-26T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-06-28T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-06-29T22:00:00.000+00:00", "number": "5", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-05T22:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-06T22:00:00.000+00:00", "number": "7", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-10T22:00:00.000+00:00", "number": "8", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-16T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Fedora aufgenommen" }, { "date": "2023-07-17T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-18T22:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-20T22:00:00.000+00:00", "number": "12", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-26T22:00:00.000+00:00", "number": "13", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-08-03T22:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-08-07T22:00:00.000+00:00", "number": "15", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-08-23T22:00:00.000+00:00", "number": "16", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-09-05T22:00:00.000+00:00", "number": "17", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-09-12T22:00:00.000+00:00", "number": "18", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-09-19T22:00:00.000+00:00", "number": "19", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-09-20T22:00:00.000+00:00", "number": "20", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-11-07T23:00:00.000+00:00", "number": "21", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-11-14T23:00:00.000+00:00", "number": "22", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-11-21T23:00:00.000+00:00", "number": "23", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2023-12-03T23:00:00.000+00:00", "number": "24", "summary": "Neue Updates von Fedora aufgenommen" }, { "date": "2023-12-06T23:00:00.000+00:00", "number": "25", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-12-13T23:00:00.000+00:00", "number": "26", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-01-01T23:00:00.000+00:00", "number": "27", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-01-04T23:00:00.000+00:00", "number": "28", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-01-10T23:00:00.000+00:00", "number": "29", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-01-30T23:00:00.000+00:00", "number": "30", "summary": "Neue Updates von Meinberg aufgenommen" }, { "date": "2024-05-05T22:00:00.000+00:00", "number": "31", "summary": "Neue Updates von Gentoo aufgenommen" }, { "date": "2024-05-21T22:00:00.000+00:00", "number": "32", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "32" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Fedora Linux", "product": { "name": "Fedora Linux", "product_id": "74185", "product_identification_helper": { "cpe": "cpe:/o:fedoraproject:fedora:-" } } } ], "category": "vendor", "name": "Fedora" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c7.08.007", "product": { "name": "Meinberg LANTIME \u003c7.08.007", "product_id": "T032435", "product_identification_helper": { "cpe": "cpe:/h:meinberg:lantime:7.08.007" } } } ], "category": "product_name", "name": "LANTIME" } ], "category": "vendor", "name": "Meinberg" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "category": "product_version", "name": "Advanced Cluster Security for Kubernetes 4", "product": { "name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4", "product_id": "T027916", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4" } } }, { "category": "product_version", "name": "Service Interconnect 1", "product": { "name": "Red Hat Enterprise Linux Service Interconnect 1", "product_id": "T028472", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:service_interconnect_1" } } } ], "category": "product_name", "name": "Enterprise Linux" }, { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift", "product": { "name": "Red Hat OpenShift", "product_id": "T008027", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:-" } } }, { "category": "product_version", "name": "Container Platform 4.12", "product": { "name": "Red Hat OpenShift Container Platform 4.12", "product_id": "T026435", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform_4.12" } } }, { "category": "product_version_range", "name": "Container Platform \u003c4.13.4", "product": { "name": "Red Hat OpenShift Container Platform \u003c4.13.4", "product_id": "T028225", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform__4.13.4" } } }, { "category": "product_version_range", "name": "Data Foundation \u003c4.13.0", "product": { "name": "Red Hat OpenShift Data Foundation \u003c4.13.0", "product_id": "T028289", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:data_foundation_4.13.0" } } }, { "category": "product_version_range", "name": "Container Platform \u003c4.12.22", "product": { "name": "Red Hat OpenShift Container Platform \u003c4.12.22", "product_id": "T028307", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform__4.12.22" } } }, { "category": "product_version_range", "name": "Container Platform \u003c4.11.44", "product": { "name": "Red Hat OpenShift Container Platform \u003c4.11.44", "product_id": "T028416", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform__4.11.44" } } }, { "category": "product_version_range", "name": "Data Foundation \u003c4.12.10", "product": { "name": "Red Hat OpenShift Data Foundation \u003c4.12.10", "product_id": "T031698", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:data_foundation__4.12.10" } } }, { "category": "product_version_range", "name": "Container Platform \u003c4.14.0", "product": { "name": "Red Hat OpenShift Container Platform \u003c4.14.0", "product_id": "T031839", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform__4.14.0" } } }, { "category": "product_version_range", "name": "Container Platform \u003c4.12.46", "product": { "name": "Red Hat OpenShift Container Platform \u003c4.12.46", "product_id": "T031870", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform__4.12.46" } } } ], "category": "product_name", "name": "OpenShift" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-20107", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2015-20107" }, { "cve": "CVE-2018-25032", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2018-25032" }, { "cve": "CVE-2020-10735", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2020-10735" }, { "cve": "CVE-2020-16250", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2020-16250" }, { "cve": "CVE-2020-16251", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2020-16251" }, { "cve": "CVE-2020-17049", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2020-17049" }, { "cve": "CVE-2021-28861", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-28861" }, { "cve": "CVE-2021-3765", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-3765" }, { "cve": "CVE-2021-3807", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-3807" }, { "cve": "CVE-2021-4231", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-4231" }, { "cve": "CVE-2021-4235", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-4235" }, { "cve": "CVE-2021-4238", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-4238" }, { "cve": "CVE-2021-43519", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-43519" }, { "cve": "CVE-2021-43998", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-43998" }, { "cve": "CVE-2021-44531", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-44531" }, { "cve": "CVE-2021-44532", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-44532" }, { "cve": "CVE-2021-44533", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-44533" }, { "cve": "CVE-2021-44964", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-44964" }, { "cve": "CVE-2021-46828", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-46828" }, { "cve": "CVE-2021-46848", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-46848" }, { "cve": "CVE-2022-0670", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-0670" }, { "cve": "CVE-2022-1271", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-1271" }, { "cve": "CVE-2022-1304", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-1304" }, { "cve": "CVE-2022-1348", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-1348" }, { "cve": "CVE-2022-1586", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-1586" }, { "cve": "CVE-2022-1587", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-1587" }, { "cve": "CVE-2022-21824", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-21824" }, { "cve": "CVE-2022-2309", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-2309" }, { "cve": "CVE-2022-23540", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-23540" }, { "cve": "CVE-2022-23541", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-23541" }, { "cve": "CVE-2022-24903", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-24903" }, { "cve": "CVE-2022-2509", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-2509" }, { "cve": "CVE-2022-26280", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-26280" }, { "cve": "CVE-2022-27664", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-27664" }, { "cve": "CVE-2022-2795", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-2795" }, { "cve": "CVE-2022-2879", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-2879" }, { "cve": "CVE-2022-2880", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-2880" }, { "cve": "CVE-2022-28805", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-28805" }, { "cve": "CVE-2022-29154", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-29154" }, { "cve": "CVE-2022-30635", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-30635" }, { "cve": "CVE-2022-3094", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3094" }, { "cve": "CVE-2022-31129", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-31129" }, { "cve": "CVE-2022-32189", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-32189" }, { "cve": "CVE-2022-32190", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-32190" }, { "cve": "CVE-2022-33099", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-33099" }, { "cve": "CVE-2022-3358", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3358" }, { "cve": "CVE-2022-34903", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-34903" }, { "cve": "CVE-2022-3515", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3515" }, { "cve": "CVE-2022-3517", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3517" }, { "cve": "CVE-2022-35737", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-35737" }, { "cve": "CVE-2022-36227", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-36227" }, { "cve": "CVE-2022-3715", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3715" }, { "cve": "CVE-2022-3736", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3736" }, { "cve": "CVE-2022-37434", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-37434" }, { "cve": "CVE-2022-38149", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-38149" }, { "cve": "CVE-2022-3821", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3821" }, { "cve": "CVE-2022-38900", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-38900" }, { "cve": "CVE-2022-3924", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3924" }, { "cve": "CVE-2022-40023", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-40023" }, { "cve": "CVE-2022-40303", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-40303" }, { "cve": "CVE-2022-40304", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-40304" }, { "cve": "CVE-2022-40897", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-40897" }, { "cve": "CVE-2022-41316", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-41316" }, { "cve": "CVE-2022-41715", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-41715" }, { "cve": "CVE-2022-41717", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-41717" }, { "cve": "CVE-2022-41723", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-41723" }, { "cve": "CVE-2022-41724", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-41724" }, { "cve": "CVE-2022-41725", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-41725" }, { "cve": "CVE-2022-42010", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-42010" }, { "cve": "CVE-2022-42011", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-42011" }, { "cve": "CVE-2022-42012", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-42012" }, { "cve": "CVE-2022-42898", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-42898" }, { "cve": "CVE-2022-42919", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-42919" }, { "cve": "CVE-2022-43680", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-43680" }, { "cve": "CVE-2022-4415", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-4415" }, { "cve": "CVE-2022-45061", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-45061" }, { "cve": "CVE-2022-45873", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-45873" }, { "cve": "CVE-2022-46175", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-46175" }, { "cve": "CVE-2022-47024", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-47024" }, { "cve": "CVE-2022-47629", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-47629" }, { "cve": "CVE-2022-48303", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-48303" }, { "cve": "CVE-2022-48337", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-48337" }, { "cve": "CVE-2022-48338", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-48338" }, { "cve": "CVE-2022-48339", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-48339" }, { "cve": "CVE-2023-0361", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-0361" }, { "cve": "CVE-2023-0620", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-0620" }, { "cve": "CVE-2023-0665", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-0665" }, { "cve": "CVE-2023-22809", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-22809" }, { "cve": "CVE-2023-24329", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-24329" }, { "cve": "CVE-2023-2491", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-2491" }, { "cve": "CVE-2023-24999", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-24999" }, { "cve": "CVE-2023-25000", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-25000" }, { "cve": "CVE-2023-25136", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-25136" } ] }
wid-sec-w-2022-1375
Vulnerability from csaf_certbund
Published
2022-09-11 22:00
Modified
2023-09-14 22:00
Summary
JFrog Artifactory: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JFrog Artifactory ist eine universelle DevOps-Lösung.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in JFrog Artifactory ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszulösen.
Betroffene Betriebssysteme
- UNIX
- Linux
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "JFrog Artifactory ist eine universelle DevOps-L\u00f6sung.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in JFrog Artifactory ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2022-1375 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1375.json" }, { "category": "self", "summary": "WID-SEC-2022-1375 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1375" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:5165 vom 2023-09-14", "url": "https://access.redhat.com/errata/RHSA-2023:5165" }, { "category": "external", "summary": "JFrog Fixed Security Vulnerabilities vom 2022-09-11", "url": "https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities" }, { "category": "external", "summary": "JFrog Fixed Security Vulnerabilities", "url": "https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:6782 vom 2022-10-04", "url": "https://access.redhat.com/errata/RHSA-2022:6782" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5776-1 vom 2022-12-13", "url": "https://ubuntu.com/security/notices/USN-5776-1" } ], "source_lang": "en-US", "title": "JFrog Artifactory: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-09-14T22:00:00.000+00:00", "generator": { "date": "2024-02-15T16:58:09.779+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2022-1375", "initial_release_date": "2022-09-11T22:00:00.000+00:00", "revision_history": [ { "date": "2022-09-11T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2022-10-03T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates aufgenommen" }, { "date": "2022-10-04T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2022-12-12T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2022-12-20T23:00:00.000+00:00", "number": "5", "summary": "Referenz(en) aufgenommen: FEDORA-2022-DB674BAFD9, FEDORA-2022-7E327A20BE" }, { "date": "2023-09-14T22:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "6" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "JFrog Artifactory", "product": { "name": "JFrog Artifactory", "product_id": "T024527", "product_identification_helper": { "cpe": "cpe:/a:jfrog:artifactory:-" } } }, { "category": "product_name", "name": "JFrog Artifactory \u003c 7.46.3", "product": { "name": "JFrog Artifactory \u003c 7.46.3", "product_id": "T024764", "product_identification_helper": { "cpe": "cpe:/a:jfrog:artifactory:7.46.3" } } } ], "category": "product_name", "name": "Artifactory" } ], "category": "vendor", "name": "JFrog" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-4517", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2013-4517" }, { "cve": "CVE-2013-7285", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2013-7285" }, { "cve": "CVE-2014-0107", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2014-0107" }, { "cve": "CVE-2014-0114", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2014-0114" }, { "cve": "CVE-2014-3577", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2014-3577" }, { "cve": "CVE-2014-3623", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2014-3623" }, { "cve": "CVE-2015-0227", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2015-0227" }, { "cve": "CVE-2015-2575", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2015-2575" }, { "cve": "CVE-2015-3253", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2015-3253" }, { "cve": "CVE-2015-4852", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2015-4852" }, { "cve": "CVE-2015-7940", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2015-7940" }, { "cve": "CVE-2016-10750", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2016-10750" }, { "cve": "CVE-2016-3092", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2016-3092" }, { "cve": "CVE-2016-3674", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2016-3674" }, { "cve": "CVE-2016-6501", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2016-6501" }, { "cve": "CVE-2016-8735", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2016-8735" }, { "cve": "CVE-2016-8745", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2016-8745" }, { "cve": "CVE-2017-1000487", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-1000487" }, { "cve": "CVE-2017-15095", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-15095" }, { "cve": "CVE-2017-17485", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-17485" }, { "cve": "CVE-2017-18214", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-18214" }, { "cve": "CVE-2017-18640", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-18640" }, { "cve": "CVE-2017-7525", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-7525" }, { "cve": "CVE-2017-7657", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-7657" }, { "cve": "CVE-2017-7957", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-7957" }, { "cve": "CVE-2017-9506", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-9506" }, { "cve": "CVE-2018-1000206", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2018-1000206" }, { "cve": "CVE-2018-9116", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2018-9116" }, { "cve": "CVE-2019-10219", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2019-10219" }, { "cve": "CVE-2019-12402", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2019-12402" }, { "cve": "CVE-2019-17359", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2019-17359" }, { "cve": "CVE-2019-17571", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2019-17571" }, { "cve": "CVE-2019-20104", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2019-20104" }, { "cve": "CVE-2020-11996", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-11996" }, { "cve": "CVE-2020-13934", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-13934" }, { "cve": "CVE-2020-13935", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-13935" }, { "cve": "CVE-2020-13949", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-13949" }, { "cve": "CVE-2020-14340", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-14340" }, { "cve": "CVE-2020-15586", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-15586" }, { "cve": "CVE-2020-1745", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-1745" }, { "cve": "CVE-2020-17521", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-17521" }, { "cve": "CVE-2020-25649", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-25649" }, { "cve": "CVE-2020-28500", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-28500" }, { "cve": "CVE-2020-29582", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-29582" }, { "cve": "CVE-2020-36518", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-36518" }, { "cve": "CVE-2020-7226", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-7226" }, { "cve": "CVE-2020-7692", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-7692" }, { "cve": "CVE-2020-8203", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-8203" }, { "cve": "CVE-2021-13936", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-13936" }, { "cve": "CVE-2021-21290", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-21290" }, { "cve": "CVE-2021-22060", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22060" }, { "cve": "CVE-2021-22112", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22112" }, { "cve": "CVE-2021-22119", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22119" }, { "cve": "CVE-2021-22147", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22147" }, { "cve": "CVE-2021-22148", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22148" }, { "cve": "CVE-2021-22149", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22149" }, { "cve": "CVE-2021-22573", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22573" }, { "cve": "CVE-2021-23337", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-23337" }, { "cve": "CVE-2021-25122", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-25122" }, { "cve": "CVE-2021-26291", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-26291" }, { "cve": "CVE-2021-27568", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-27568" }, { "cve": "CVE-2021-29505", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-29505" }, { "cve": "CVE-2021-30129", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-30129" }, { "cve": "CVE-2021-33037", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-33037" }, { "cve": "CVE-2021-35550", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35550" }, { "cve": "CVE-2021-35556", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35556" }, { "cve": "CVE-2021-35560", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35560" }, { "cve": "CVE-2021-35561", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35561" }, { "cve": "CVE-2021-35564", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35564" }, { "cve": "CVE-2021-35565", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35565" }, { "cve": "CVE-2021-35567", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35567" }, { "cve": "CVE-2021-35578", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35578" }, { "cve": "CVE-2021-35586", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35586" }, { "cve": "CVE-2021-35588", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35588" }, { "cve": "CVE-2021-35603", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35603" }, { "cve": "CVE-2021-36374", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-36374" }, { "cve": "CVE-2021-3765", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-3765" }, { "cve": "CVE-2021-3807", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-3807" }, { "cve": "CVE-2021-38561", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-38561" }, { "cve": "CVE-2021-3859", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-3859" }, { "cve": "CVE-2021-41090", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-41090" }, { "cve": "CVE-2021-41091", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-41091" }, { "cve": "CVE-2021-42340", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-42340" }, { "cve": "CVE-2021-42550", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-42550" }, { "cve": "CVE-2021-43797", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-43797" }, { "cve": "CVE-2022-0536", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-0536" }, { "cve": "CVE-2022-22963", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-22963" }, { "cve": "CVE-2022-23632", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-23632" }, { "cve": "CVE-2022-23648", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-23648" }, { "cve": "CVE-2022-23806", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-23806" }, { "cve": "CVE-2022-24769", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-24769" }, { "cve": "CVE-2022-24823", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-24823" }, { "cve": "CVE-2022-27191", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-27191" }, { "cve": "CVE-2022-29153", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-29153" }, { "cve": "CVE-2022-32212", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-32212" }, { "cve": "CVE-2022-32213", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-32213" }, { "cve": "CVE-2022-32214", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-32214" }, { "cve": "CVE-2022-32215", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-32215" }, { "cve": "CVE-2022-32223", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-32223" } ] }
gsd-2021-3765
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
validator.js is vulnerable to Inefficient Regular Expression Complexity
Aliases
Aliases
{ "GSD": { "alias": "CVE-2021-3765", "description": "validator.js is vulnerable to Inefficient Regular Expression Complexity", "id": "GSD-2021-3765" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2021-3765" ], "details": "validator.js is vulnerable to Inefficient Regular Expression Complexity", "id": "GSD-2021-3765", "modified": "2023-12-13T01:23:35.133573Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3765", "STATE": "PUBLIC", "TITLE": "Inefficient Regular Expression Complexity in validatorjs/validator.js" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "validatorjs/validator.js", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "13.7.0" } ] } } ] }, "vendor_name": "validatorjs" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "validator.js is vulnerable to Inefficient Regular Expression Complexity" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-1333 Inefficient Regular Expression Complexity" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9" }, { "name": "https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1", "refsource": "MISC", "url": "https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1" } ] }, "source": { "advisory": "c37e975c-21a3-4c5f-9b57-04d63b28cfc9", "discovery": "EXTERNAL" } }, "gitlab.com": { "advisories": [ { "affected_range": "\u003c13.7.0", "affected_versions": "All versions before 13.7.0", "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cwe_ids": [ "CWE-1035", "CWE-1333", "CWE-937" ], "date": "2023-07-07", "description": "validator.js is vulnerable to Inefficient Regular Expression Complexity", "fixed_versions": [ "13.7.0" ], "identifier": "CVE-2021-3765", "identifiers": [ "CVE-2021-3765" ], "not_impacted": "All versions starting from 13.7.0", "package_slug": "npm/validator", "pubdate": "2021-11-02", "solution": "Upgrade to version 13.7.0 or above.", "title": "Inefficient Regular Expression Complexity", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2021-3765", "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9", "https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1" ], "uuid": "8c7f4b81-e7ec-4433-b8f9-52c6c11c9732" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:validator_project:validator:*:*:*:*:*:node.js:*:*", "cpe_name": [], "versionEndExcluding": "13.7.0", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3765" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "validator.js is vulnerable to Inefficient Regular Expression Complexity" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-1333" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9", "refsource": "CONFIRM", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9" }, { "name": "https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2023-07-07T19:27Z", "publishedDate": "2021-11-02T07:15Z" } } }
ghsa-qgmg-gppg-76g5
Vulnerability from github
Published
2021-11-03 17:34
Modified
2021-11-03 14:46
Severity ?
Summary
Inefficient Regular Expression Complexity in validator.js
Details
validator.js prior to 13.7.0 is vulnerable to Inefficient Regular Expression Complexity
{ "affected": [ { "ecosystem_specific": { "affected_functions": [ "(validator).rtrim" ] }, "package": { "ecosystem": "npm", "name": "validator" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "13.7.0" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2021-3765" ], "database_specific": { "cwe_ids": [ "CWE-1333" ], "github_reviewed": true, "github_reviewed_at": "2021-11-03T14:46:00Z", "nvd_published_at": "2021-11-02T07:15:00Z", "severity": "MODERATE" }, "details": "validator.js prior to 13.7.0 is vulnerable to Inefficient Regular Expression Complexity", "id": "GHSA-qgmg-gppg-76g5", "modified": "2021-11-03T14:46:00Z", "published": "2021-11-03T17:34:45Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3765" }, { "type": "WEB", "url": "https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1" }, { "type": "PACKAGE", "url": "https://github.com/validatorjs/validator.js" }, { "type": "WEB", "url": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "type": "CVSS_V3" } ], "summary": "Inefficient Regular Expression Complexity in validator.js" }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.